45 matches found
CVE-2025-60474
GPAC MP4Box up to version 26.01.x has a buffer overflow in the gf_media_import() function (in /media_tools/av_parsers.c). The underlining issue allows DoS via crafted input, affecting MP4Box before 26.02.0. Public sources consistently cite GPAC MP4Box versions prior to 26.02.0 as vulnerable, with...
CVE-2025-55660
The connected EUVD entry confirms a stack overflow in the function gf_opus_read_length (file media_tools/av_parsers.c ) of GPAC MP4Box v2.4 , enabling a Denial of Service (DoS) when processing a crafted MP4 file. The same CVE ID (CVE-2025-55660) is echoed across multiple sources (NVD, CVE lists, ...
EUVD-2025-210004
A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...
CVE-2022-47089
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow via gfvvcreadspsbsinternal function of mediatools/avparsers.c...
NULL Pointer Dereference
libgpac.so is vulnerable to NULL Pointer Dereference. The vulnerability is due to the gfavcchangevui function within avparsers.c because there is no validation on the avcc pointer utilizing it. This can lead to a null pointer dereference, resulting in Denial of Service...
Stack Overflow
libgpac.so is vulnerable to stack overflow. The vulnerability is caused due to a lack of validation in the hevcparsevpsextension function in the avparsers.c file. This could lead to Denial of Service attacks...
CVE-2023-48014
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevcparsevpsextension function at /mediatools/avparsers.c...
Buffer Overflow
GPAC is vulnerable to Buffer Overflow. The vulnerability is due to the gfhevcreadspsbsinternal function of mediatools/avparsers.c which allows an attacker to cause an application crash...
Buffer Overflow
GPAC is vulnerable to Buffer Overflow. The vulnerability is due to the gfvvcreadppsbsinternal function of mediatools/avparsers.c which allows an attacker to cause an application crash...
CVE-2023-1449
A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gfav1resetstate of the file mediatools/avparsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The explo...
CVE-2023-1449 GPAC av_parsers.c gf_av1_reset_state double free
A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gfav1resetstate of the file mediatools/avparsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The explo...
Heap-based Buffer Overflow
libgpac.so is vulnerable to Heap-based Buffer Overflow. A local attacker is able to cause heap-based buffer overflows due to improper validation logics in the avcparseslice function in avparsers.c...
Denial Of Service (DoS)
libgpac.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to a buffer overflow in the gfavcreformatsei function of avparsers.c, allowing an attacker to cause an application crash...
Denial Of Service (DoS)
libgpac.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to a buffer overflow in the hevcparsevpsextension function in avparsers.c, allowing an attacker to cause an application crash...
Integer Overflow
libgpac.so is vulnerable to Integer Overflow. The vulnerability exists in the gfhevcreadspsbs function of avparsers.c because of the lack of validations in profile size, which allows the remote attacker to crash the application...
Buffer overflow
Buffer overflow vulnerability in function avcparseslice in file mediatools/avparsers.c. GPAC version 2.3-DEV-rev1-g4669ba229-master...
CVE-2023-23143
GPAC multimedia framework (GPAC 2.3-DEV-rev1-g4669ba229-master) contains a buffer overflow in avc_parse_slice() inside media_tools/av_parsers.c. The CVE-2023-23143 issue has high impact (local access, requires user interaction per NVD) and may allow denial of service or arbitrary code execution. ...
CVE-2022-47656
GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gfhevcreadspsbsinternal function of mediatools/avparsers.c:8273...
CVE-2022-47658
GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function gfhevcreadvpsbsinternal of mediatools/avparsers.c:8039...
CVE-2022-47661
GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via mediatools/avparsers.c:4988 in gfmedianaluaddemulationbytes...