Lucene search
K

1908 matches found

NVD
NVD
added yesterday7 views

CVE-2026-15185

A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsubreadidx of the file /src/mediatools/vobsub.c of the component MP4Box. Executing a manipulation of the argument numlangs can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been...

4.8CVSS
Exploits0References8
EUVD
EUVD
added yesterday5 views

EUVD-2026-42590

A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsubreadidx of the file /src/mediatools/vobsub.c of the component MP4Box. Executing a manipulation of the argument numlangs can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been...

4.8CVSS5.4AI score
Exploits0References8
CVE
CVE
added yesterday9 views

CVE-2026-15185

GPAC MP4Box (vobsub_read_idx in /src/media_tools/vobsub.c) is affected. Manipulating the num_langs argument can trigger an out-of-bounds read, locally exploitable. The issue is in GPAC 26.03-DEV and has publicly disclosed exploit details. A patch was applied via commits 532097084729a936bcdf6a27c4...

4.8CVSS5.4AI score
Exploits0References8
Cvelist
Cvelist
added yesterday16 views

CVE-2026-15185 GPAC MP4Box vobsub.c vobsub_read_idx out-of-bounds

A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsubreadidx of the file /src/mediatools/vobsub.c of the component MP4Box. Executing a manipulation of the argument numlangs can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been...

4.8CVSS
Exploits0References8
CVE
CVE
added 4 days ago11 views

CVE-2025-15668

GPAC MP4Box contains a heap-based overflow in sgpd_del_entry (src/isomedia/box_code_base.c). Local access is required. The exploit is publicly available; a patch is identified as f29f955f2a3b5e8e507caad3e52319f961bf37bf. Affected version range is GPAC up to b40ce70f5. Remediation is to apply the ...

4.8CVSS6.1AI score0.00124EPSS
Exploits0References8
Cvelist
Cvelist
added 4 days ago36 views

CVE-2025-15668 GPAC MP4Box box_code_base.c sgpd_del_entry heap-based overflow

A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpddelentry of the file src/isomedia/boxcodebase.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The...

4.8CVSS0.00124EPSS
Exploits0References8
EUVD
EUVD
added 4 days ago7 views

EUVD-2025-210430

A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpddelentry of the file src/isomedia/boxcodebase.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The...

4.8CVSS6.1AI score0.00124EPSS
Exploits0References8
CVE
CVE
added 4 days ago13 views

CVE-2025-15667

GPAC MP4Box contains a vulnerability in gf_isom_nalu_sample_rewrite (src/isomedia/avc_ext.c) that can cause a double free. The issue affects GPAC up to 2.5-DEV and enables a local-attack where an attacker manipulates nalu_out_bs. Public exploit details exist. A patch named f29f955f2a3b5e8e507caad...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References8
Cvelist
Cvelist
added 4 days ago35 views

CVE-2025-15667 GPAC MP4Box avc_ext.c gf_isom_nalu_sample_rewrite double free

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS0.00112EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2025-60474

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS...

7.5CVSS6.2AI score0.00579EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2025-60471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidreconfiguretaskdiscard function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a...

5.5CVSS6AI score0.00136EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2025-60466

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidgetpacket function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Servic...

5CVSS6AI score0.00121EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2025-60465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidinstswap function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service...

6.1CVSS6AI score0.00135EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2025-60464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gfseiloadfromstateinternal function /filters/seiload.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Servi...

7.8CVSS6AI score0.00144EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-60467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidinstswapdeletetask function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial ...

7.5CVSS6AI score0.0051EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2025-60473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference in the gffilterinparentchain function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denia...

5.5CVSS6AI score0.00141EPSS
Exploits1References3
OSV
OSV
added 2026/06/25 8:17 p.m.3 views

DEBIAN-CVE-2025-60465

A use-after-free in the gffilterpidinstswap function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...

6.1CVSS5.8AI score0.00135EPSS
Exploits1References1
NVD
NVD
added 2026/06/25 8:17 p.m.8 views

CVE-2025-60465

A use-after-free in the gffilterpidinstswap function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...

6.1CVSS0.00135EPSS
Exploits1References6
NVD
NVD
added 2026/06/25 8:17 p.m.8 views

CVE-2025-60464

A use-after-free in the gfseiloadfromstateinternal function /filters/seiload.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG-2 TS file...

7.8CVSS0.00144EPSS
Exploits1References6
OSV
OSV
added 2026/06/25 8:17 p.m.3 views

DEBIAN-CVE-2025-60464

A use-after-free in the gfseiloadfromstateinternal function /filters/seiload.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG-2 TS file...

7.8CVSS5.8AI score0.00144EPSS
Exploits1References1
Rows per page
Query Builder