CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Veracode•added 2021/09/02 6:40 p.m.•18 views

Denial Of Service (DoS)

Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflo...

8.8CVSS4.6AI score0.00238EPSS

Veracode•added 2021/09/02 6:40 p.m.•17 views

Denial Of Service (DoS)

gpac:bullseye is vulnerable to denial of service. An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The striboxread function is used when processing atoms using the 'stri' FOURCC code. An attacke...

8.8CVSS4.1AI score0.00609EPSS

Veracode•added 2021/09/02 6:31 p.m.•19 views

Denial Of Service (DoS)

gpac:bullseye is vulnerable to denial of service. An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. When processing the 'hdlr' FOURCC code, a specially crafted MPEG-4 input can cause an improper...

8.8CVSS3.7AI score0.00418EPSS

CNNVD•added 2021/08/27 12:0 a.m.•0 views

ngiflib 缓冲区错误漏洞

ngiflib is a GIF image format decoding library written in C. A security vulnerability exists in ngiflib version 0.4, which stems from the GetByteStr function in the ngiflib.c file in the NGFLIBNOFILE module that does not check boundaries when copying memory buffers...

8.8CVSS7.9AI score0.00352EPSS

CNVD•added 2021/08/26 12:0 a.m.•14 views

GPAC Project on Advanced Content Integer Overflow Vulnerability (CNVD-2021-82984)

GPAC Project on Advanced Content is an open source cross-platform library that implements the MPEG-4 system standard and provides tools for media playback, vector graphics, and 3D rendering. an integer overflow vulnerability exists in the MPEG-4 decoding functionality in GPAC Project on Advanced...

6.8CVSS3.7AI score0.0025EPSS

Exploits1Affected Software1

CNVD•added 2021/08/26 12:0 a.m.•22 views

GPAC Project on Advanced Content Integer Overflow Vulnerability (CNVD-2021-82985)

6.8CVSS3.7AI score0.0025EPSS

Exploits1Affected Software1

CNVD•added 2021/08/26 12:0 a.m.•16 views

GPAC Project on Advanced Content Integer Overflow Vulnerability (CNVD-2021-82983)

6.8CVSS3.7AI score0.00438EPSS

Exploits1Affected Software1

Github Security Blog•added 2021/08/25 8:49 p.m.•23 views

Unexpected panic when decoding tokens in branca

Prior to 0.10.0 it was possible to have both decoding functions panic unexpectedly, by supplying tokens with an incorrect base62 encoding. The documentation stated that an error should have been reported instead...

5.5CVSS5.7AI score0.00081EPSS

Exploits1References6Affected Software1

OSV•added 2021/08/25 8:49 p.m.•9 views

GHSA-C9RV-3JMQ-527W Unexpected panic when decoding tokens in branca

5.5CVSS5.4AI score0.00081EPSS

Exploits1References6

8.8CVSS8.4AI score0.0025EPSS

DEBIAN-CVE-2021-21841

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when reading an atom using the 'sbgp' FOURCC code can cause an integer overflow due to unchecked arithmetic...

NVD•added 2021/08/25 7:15 p.m.•14 views

CVE-2021-21842

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when processing an atom using the 'ssix' FOURCC code, due to unchecked arithmetic...

8.8CVSS0.00418EPSS

NVD•added 2021/08/25 7:15 p.m.•15 views

CVE-2021-21849

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “tfra” FOURCC code due to unchecked...

8.8CVSS0.00418EPSS

NVD•added 2021/08/25 7:15 p.m.•14 views

CVE-2021-21841

8.8CVSS0.0025EPSS

NVD•added 2021/08/25 7:15 p.m.•13 views

CVE-2021-21848

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The library will actually reuse the parser for atoms with the “stsz” FOURCC code when parsing atoms that use the “stz2” FOURCC code and can cause a...

8.8CVSS0.00245EPSS

8.8CVSS8.4AI score0.0025EPSS

DEBIAN-CVE-2021-21840

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input used to process an atom using the “saio” FOURCC code cause an integer overflow due to unchecked arithmetic resulti...

OSV•added 2021/08/25 7:15 p.m.•2 views

DEBIAN-CVE-2021-21848

8.8CVSS8.4AI score0.00245EPSS

8.8CVSS8.4AI score0.00418EPSS

DEBIAN-CVE-2021-21849

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “tfra” FOURCC code due to unchecked...

NVD•added 2021/08/25 7:15 p.m.•17 views

CVE-2021-21850

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “trun” FOURCC code due to unchecked...

8.8CVSS0.00418EPSS

8.8CVSS8.3AI score0.00418EPSS

DEBIAN-CVE-2021-21842

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when processing an atom using the 'ssix' FOURCC code, due to unchecked arithmetic...