599 matches found
CVE-2025-15667
A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...
EUVD-2025-210430
A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpddelentry of the file src/isomedia/boxcodebase.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The...
CVE-2025-15667 GPAC MP4Box avc_ext.c gf_isom_nalu_sample_rewrite double free
A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...
CVE-2026-14801
A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtinprobeduration of the file src/filters/loadtext.c of the component TeXML File Handler. Such manipulation of the argument txmltimescale leads to divide by zero. An attack...
CVE-2026-14790
A flaw has been found in GPAC 26.02.0. This affects the function nhmldumpsendframe of the file src/filters/writenhml.c of the component Media File Handler. Executing a manipulation can lead to null pointer dereference. The attack requires local access. The exploit has been published and may be...
Astra Linux – Vulnerability in gpac
A vulnerability, classified as problematic, was discovered in GPAC 2.3-DEV-rev35-gbbca86917-master. This vulnerability affects the gfm2tsprocesssdt function in the mediatools/mpegts.c file. The vulnerability results in a heap-based buffer overflow. Local exploitation is required. The exploit has...
Astra Linux – Vulnerability in gpac
A vulnerability in GPAC version 2.2.1 and earlier allows a local attacker to cause a denial of service through the QDecCoordOnUnitSphere function in the file src/bifs/unquantize.c...
GPAC MP4Box 处理逻辑错误漏洞
GPAC is an open-source multimedia framework developed by GPAC. Version 2.4 of GPAC contains a security vulnerability. This vulnerability stems from a floating-point exception in the gfopusparsepacketheader function, which could allow attackers to cause denial-of-service attacks through specially...
CVE-2026-9567
A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isomintern.c of the component MP4Box. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been released to the publ...
CVE-2025-55664
A heap buffer overflow in the m2tsdmxsendpacket function filters/dmxm2ts.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
Linux Distros Unpatched Vulnerability : CVE-2026-9572
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function MediaGetSample of the file src/isomedia/media.c of the...
Linux Distros Unpatched Vulnerability : CVE-2026-9567
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isomintern.c of the component MP4Box. T...
UBUNTU-CVE-2026-9572
A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function MediaGetSample of the file src/isomedia/media.c of the component MP4Box. Such manipulation of the argument cat leads to memory leak. The attack can only be performed from a local environment. Th...
EUVD-2026-31955
A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function MediaGetSample of the file src/isomedia/media.c of the component MP4Box. Such manipulation of the argument cat leads to memory leak. The attack can only be performed from a local environment. Th...
CVE-2026-9567
A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isomintern.c of the component MP4Box. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been released to the publ...
CVE-2026-8124
A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidxboxread of the file src/isomedia/boxcodebase.c. The manipulation leads to allocation of resources. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The...
CVE-2026-8124
A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidxboxread of the file src/isomedia/boxcodebase.c. The manipulation leads to allocation of resources. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The...
PT-2026-38628
Name of the Vulnerable Software and Affected Versions GPAC versions prior to 26.02.0 Description A flaw in the sidx box read function within the src/isomedia/box code base.c file allows for the allocation of resources through manipulation. This issue requires local access to be exploited...
Linux Distros Unpatched Vulnerability : CVE-2026-39103
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the...
CVE-2026-39103
Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svgattributes.c, svgparsestrings, gfsvgparseattribute...