707 matches found
CVE-2026-15185
A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsubreadidx of the file /src/mediatools/vobsub.c of the component MP4Box. Executing a manipulation of the argument numlangs can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been...
CVE-2025-15668
GPAC MP4Box contains a heap-based overflow in sgpd_del_entry (src/isomedia/box_code_base.c). Local access is required. The exploit is publicly available; a patch is identified as f29f955f2a3b5e8e507caad3e52319f961bf37bf. Affected version range is GPAC up to b40ce70f5. Remediation is to apply the ...
CVE-2025-15667
GPAC MP4Box contains a vulnerability in gf_isom_nalu_sample_rewrite (src/isomedia/avc_ext.c) that can cause a double free. The issue affects GPAC up to 2.5-DEV and enables a local-attack where an attacker manipulates nalu_out_bs. Public exploit details exist. A patch named f29f955f2a3b5e8e507caad...
Linux Distros Unpatched Vulnerability : CVE-2025-60467
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidinstswapdeletetask function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial ...
Linux Distros Unpatched Vulnerability : CVE-2025-60473
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference in the gffilterinparentchain function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denia...
Linux Distros Unpatched Vulnerability : CVE-2025-60471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidreconfiguretaskdiscard function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a...
Linux Distros Unpatched Vulnerability : CVE-2025-60466
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidgetpacket function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Servic...
Linux Distros Unpatched Vulnerability : CVE-2025-60474
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS...
Linux Distros Unpatched Vulnerability : CVE-2025-60465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidinstswap function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service...
DEBIAN-CVE-2025-60465
A use-after-free in the gffilterpidinstswap function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...
CVE-2025-60465
A use-after-free in the gffilterpidinstswap function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...
CVE-2025-60464
A use-after-free in the gfseiloadfromstateinternal function /filters/seiload.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG-2 TS file...
UBUNTU-CVE-2025-60464
A use-after-free in the gfseiloadfromstateinternal function /filters/seiload.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG-2 TS file...
UBUNTU-CVE-2025-60465
A use-after-free in the gffilterpidinstswap function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...
EUVD-2025-210334
A NULL pointer dereference in the gffilterinparentchain function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...
EUVD-2025-210330
A use-after-free in the gffilterpidgetpacket function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...
CVE-2025-60466
A use-after-free in the gffilterpidgetpacket function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...
CVE-2025-60465
GPAC Project/MP4Box prior to 26.02.0 is affected by CVE-2025-60465 due to a use-after-free in the function gf_filter_pid_inst_swap (in /filter_core/filter_pid.c). The vulnerability allows an attacker to trigger a Denial of Service by processing a crafted media file. The documented remediation is ...
CVE-2025-60465
A use-after-free in the gffilterpidinstswap function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...
PT-2026-52559
Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A use-after-free issue exists in the gf filter pid inst swap function located in /filter core/filter pid.c. A use-after-free occurs when a program continues to use a pointer after it ha...