Lucene search
K

33 matches found

EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41219

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

7.5CVSS5.8AI score0.00343EPSS
Exploits0References3
CVE
CVE
added 4 days ago7 views

CVE-2026-36910

The vulnerability affects MPC-BE (Aleksoid1978) where an access violation occurs in BaseSplitterFile::Read prior to commit 4341cb3, enabling DoS via a crafted MP4 file. The issue is described consistently across multiple trusted sources (NVD, CVE records, EUVD, CVE list, PT Security, AttackersKB,...

5.5CVSS5.8AI score0.00113EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 5 days ago4 views

The vulnerability of the gf_isom_add_track_kind() function in the isomedia/isom_write.c file, implemented by the MP4Box encoder for the GPAC multimedia platform, allows a malicious actor to cause service interruptions using a specially created MP4 file.

The vulnerability of the gfisomaddtrackkind function in the isomedia/isomwrite.c file, belonging to the MP4Box encoder of the GPAC multimedia platform, is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause service failures through the use of a...

7.8CVSS5.9AI score0.00352EPSS
Exploits1References7Affected Software2
NVD
NVD
added 2026/06/26 10:16 p.m.11 views

CVE-2026-36908

A stack overflow in the AP4Array::EnsureCapacity component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS0.00142EPSS
Exploits0References3
NVD
NVD
added 2026/06/15 8:16 p.m.7 views

CVE-2025-55644

A heap use-after-free in the gfnodegettag function scenegraph/basescenegraph.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00188EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-48162

🚨 CVE-2025-55659 A NULL pointer dereference in the ctts box write function isomedia/box code base.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file. 🎖@cveNotify...

6.5CVSS5.3AI score0.00345EPSS
Exploits1References4
OSV
OSV
added 2026/05/08 8:58 a.m.6 views

SUSE-SU-2026:1761-1 Security update for nginx

This update for nginx fixes the following issues: - CVE-2026-1642: plain text data injection into the response from an upstream proxied server via MITM attack bsc1257675. - CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. - CVE-2026-27784:...

8.8CVSS7.7AI score0.21621EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.12 views

PT-2026-38860

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux parse trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure...

8.1CVSS5.9AI score0.00578EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/05/05 10:38 a.m.9 views

nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files

A flaw was found in NGINX's ngxhttpmp4module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead ...

8.5CVSS7.7AI score0.00918EPSS
Exploits0References5
OSV
OSV
added 2026/03/24 3:16 p.m.3 views

DEBIAN-CVE-2026-27784

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it i...

7.8CVSS5.5AI score0.01031EPSS
Exploits0References1
NVD
NVD
added 2026/01/15 7:16 p.m.5 views

CVE-2025-70303

A heap overflow in the uncvparseconfig function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS0.00188EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2025/05/14 2:6 a.m.7 views

nginx: specially crafted MP4 file may cause denial of service

A flaw was found in the ngxhttpmp4module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service...

5.7CVSS7.5AI score0.0032EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.6 views

PT-2024-20300 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.5.1-628 Description: The issue is related to a Memory leak in the AP4 Movie::AP4 Movie function when parsing tracks and adding them to the m Tracks list. If an error occurs due to no audio track being found, mp42aac cannot...

6.5CVSS7AI score0.00643EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:5 a.m.3 views

SUSE CVE-2016-3062

The movreaddref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via the entries value in a dref box in an MP4 file...

8.8CVSS7.8AI score0.04054EPSS
Exploits0References3
OSV
OSV
added 2022/08/18 5:15 a.m.2 views

UBUNTU-CVE-2022-35165

An issue in AP4SgpdAtom::AP4SgpdAtom of Bento4-1.6.0-639 allows attackers to cause a Denial of Service DoS via a crafted mp4 input...

5.5CVSS5.8AI score0.00273EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/08/18 12:0 a.m.6 views

Bento4 安全漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in version Bento4-1.6.0-639. An attacker could exploit this vulnerability to cause a denial of service DoS via specially crafted mp4 input...

5.5CVSS5.8AI score0.00273EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/04/06 12:0 a.m.9 views

The vulnerability of the gf_m2ts_section_complete function in the media_tools/mpegts component of the GPAC multimedia platform allows a hacker to cause a service failure.

The vulnerability of the gfm2tssectioncomplete function in the mediatools/mpegts component of the GPAC multimedia platform is related to writing beyond buffer boundaries. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially created MP4 file...

7.1CVSS6.1AI score0.00959EPSS
Exploits1References6Affected Software3
CNNVD
CNNVD
added 2021/08/13 12:0 a.m.3 views

Bento4 安全漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. This number is duplicated with CNNVD-201908-1067, the related content has been removed, please refer to the information of CNNVD-201908-1067...

5.3AI score
Exploits0References2
CNVD
CNVD
added 2020/03/25 12:0 a.m.3 views

GPAC Invalid Pointer Dereference Vulnerability

GPAC is a multimedia framework for rich media and distributed under the LGPL license. An invalid pointer dereference vulnerability exists in gfodfdeletedescriptor in odf/descprivate.c in libgpac.a in versions prior to GPAC 0.8.0. An attacker can exploit this vulnerability to cause a denial of...

5.5CVSS7.8AI score0.00824EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/12/19 12:0 a.m.4 views

PT-2022-11260 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: Gpac versions through 1.0.1 Description: A buffer overflow issue exists via a malformed MP4 file in the svc parse slice function in av parsers.c, allowing attackers to cause a denial of service, potentially execute code, and escalate...

9.8CVSS8.2AI score0.04615EPSS
Exploits150References371
Rows per page
Query Builder