1877 matches found
CVE-2025-60471
A use-after-free in the gffilterpidreconfiguretaskdiscard function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...
UBUNTU-CVE-2025-60471
A use-after-free in the gffilterpidreconfiguretaskdiscard function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...
PT-2026-52139
Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A use-after-free issue exists in the gf filter pid get packet function located in /filter core/filter pid.c. This occurs when the software processes a specially crafted media file, whic...
PT-2026-52133
Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A buffer overflow occurs in the gf media import function located in /media tools/av parsers.c. This issue allows remote attackers to cause a Denial of Service DoS by providing a special...
PT-2026-52037
Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A use-after-free issue exists in the gf filter pid reconfigure task discard function located in /filter core/filter pid.c. A use-after-free occurs when a program continues to use a...
PT-2026-52132
Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A use-after-free issue exists in the gf filter pid inst swap delete task function located in /filter core/filter pid.c. This flaw allows an attacker to trigger a Denial of Service DoS b...
PT-2026-52140
Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A NULL pointer dereference occurs in the gf filter in parent chain function located in /filter core/filter pid.c. This issue allows an attacker to trigger a Denial of Service DoS by...
Linux Distros Unpatched Vulnerability : CVE-2025-55639
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows...
CVE-2025-60467
A use-after-free in the gffilterpidinstswapdeletetask function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...
CVE-2025-60468
GPAC Multimedia Open Source Project GPAC Project/MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affected by: Buffer Overflow. The impact is: cause a denial of service local. The component is: filtercore/filterpid.c L:574-580: function gffilterpidinstswapdeletetask improperly accesses freed objects...
CVE-2025-60473
A NULL pointer dereference in the gffilterinparentchain function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...
CVE-2025-60471
A use-after-free in the gffilterpidreconfiguretaskdiscard function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...
CVE-2025-60474
A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...
CVE-2025-60473
GPAC MP4Box before 26.02.0 is affected by a NULL pointer dereference in gf_filter_in_parent_chain (filter_core/filter_pid.c), enabling a Denial of Service when processing a crafted file. The issue is a code-level null dereference in the parent-chain filtering logic, with a CVSS v3.1 base score of...
CVE-2025-60474
GPAC MP4Box up to version 26.01.x has a buffer overflow in the gf_media_import() function (in /media_tools/av_parsers.c). The underlining issue allows DoS via crafted input, affecting MP4Box before 26.02.0. Public sources consistently cite GPAC MP4Box versions prior to 26.02.0 as vulnerable, with...
CVE-2025-60471
GPAC MP4Box prior to 26.02.0 is affected by a use-after-free in gf_filter_pid_reconfigure_task_discard (located at /filter_core/filter_pid.c). This leads to Denial of Service when processing a crafted media file. The vulnerability is documented as CVE-2025-60471. Impact is described as availabili...
CVE-2025-60466
GPAC MP4Box (before 26.02.0) is affected by a use-after-free in the function gf_filter_pid_get_packet within /filter_core/filter_pid.c, enabling potential DoS via crafted media files. The vulnerability is triggered by handling specific media content and may lead to process instability or crash. A...
CVE-2025-60467
GPAC Project/MP4Box prior to 26.02.0 is affected by a use-after-free in the gf_filter_pid_inst_swap_delete_task function (/filter_core/filter_pid.c). The issue can allow a Denial of Service when processing a crafted media file. The vulnerability is confirmed across multiple sources (NVD, CVE reco...
CVE-2025-60468
GPAC MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affected by a heap use-after-free in gf_filter_pid_inst_swap_delete_task() within filter_core/filter_pid.c during PID instance swap/delete cleanup. A local, authenticated user processing crafted MPEG-2 TS/MP4 inputs can trigger the bug, causing a c...
PT-2026-52127
Name of the Vulnerable Software and Affected Versions MP4Box version 2.5-DEV-rev1593-gfe88c3545-master Description A heap use-after-free occurs when the gf filter pid inst swap delete task function in the filter core/filter pid.c component improperly accesses objects after they have been freed...