Total
151 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-41847 | 1 Axiosys | 1 Bento4 | 2025-05-20 | N/A | 5.5 MEDIUM |
| An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*, AP4_FileByteStream::Mode, AP4_ByteStream*&) in System/StdC/Ap4StdCFileByteStream.cpp. | |||||
| CVE-2022-41846 | 1 Axiosys | 1 Bento4 | 2025-05-20 | N/A | 5.5 MEDIUM |
| An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp. | |||||
| CVE-2022-41845 | 1 Axiosys | 1 Bento4 | 2025-05-20 | N/A | 5.5 MEDIUM |
| An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_Array<AP4_ElstEntry>::EnsureCapacity in Core/Ap4Array.h. | |||||
| CVE-2022-41841 | 1 Axiosys | 1 Bento4 | 2025-05-20 | N/A | 5.5 MEDIUM |
| An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_File::ParseStream in Core/Ap4File.cpp, which is called from AP4_File::AP4_File. | |||||
| CVE-2024-57598 | 1 Axiosys | 1 Bento4 | 2025-05-15 | N/A | 6.5 MEDIUM |
| A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in function AP4_TfraAtom() of Ap4TfraAtom.cpp which allows a remote attacker to cause a denial of service vulnerability. | |||||
| CVE-2025-25947 | 1 Axiosys | 1 Bento4 | 2025-05-13 | N/A | 5.5 MEDIUM |
| An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4_AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file. | |||||
| CVE-2025-25946 | 1 Axiosys | 1 Bento4 | 2025-05-13 | N/A | 5.5 MEDIUM |
| An issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specifically in AP4_MarlinIpmpEncryptingProcessor::Initialize and AP4_Processor::Process, during the execution of mp4encrypt with a specially crafted MP4 input file. | |||||
| CVE-2025-25945 | 1 Axiosys | 1 Bento4 | 2025-05-13 | N/A | 6.5 MEDIUM |
| An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the Mp4Fragment.cpp and in AP4_DescriptorFactory::CreateDescriptorFromStream at Ap4DescriptorFactory.cpp. | |||||
| CVE-2025-25944 | 1 Axiosys | 1 Bento4 | 2025-05-13 | N/A | 7.3 HIGH |
| Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4_RtpAtom::AP4_RtpAtom, during the execution of mp4fragment with a crafted MP4 input file. | |||||
| CVE-2025-25943 | 1 Axiosys | 1 Bento4 | 2025-05-13 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2Atom::AP4_Stz2Atom component located in Ap4Stz2Atom.cpp. | |||||
| CVE-2025-25942 | 1 Axiosys | 1 Bento4 | 2025-05-13 | N/A | 6.5 MEDIUM |
| An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid files. Specifically, memory allocated in SampleArray::SampleArray in Mp4Fragment.cpp is not properly released. | |||||
| CVE-2022-40885 | 1 Axiosys | 1 Bento4 | 2025-05-09 | N/A | 5.5 MEDIUM |
| Bento4 v1.6.0-639 has a memory allocation issue that can cause denial of service. | |||||
| CVE-2022-40884 | 1 Axiosys | 1 Bento4 | 2025-05-09 | N/A | 5.5 MEDIUM |
| Bento4 1.6.0 has memory leaks via the mp4fragment. | |||||
| CVE-2022-43038 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 6.5 MEDIUM |
| Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadCache() function in mp42ts. | |||||
| CVE-2022-43037 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.6.0-639. There is a memory leak in the function AP4_File::ParseStream in /Core/Ap4File.cpp. | |||||
| CVE-2022-43035 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac. | |||||
| CVE-2022-43034 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer overflow vulnerability in the AP4_BitReader::SkipBits(unsigned int) function in mp42ts. | |||||
| CVE-2022-43033 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2022-43032 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 v1.6.0-639. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42aac. | |||||
| CVE-2024-25454 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 5.5 MEDIUM |
| Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_DescriptorFinder::Test() function. | |||||