EUVD-2026-17729

A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument npresentations leads to heap-based buffer overflow. The attack needs to be performed...

CVE-2026-5236

A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument npresentations leads to heap-based buffer overflow. The attack needs to be performed...

CVE-2026-5235

The vulnerability CVE-2026-5235 affects Axiomatic Bento4 (up to version 1.6.0-641). It targets MP4 File Parser, specifically AP4_BitReader::ReadCache in Ap4Dac4Atom.cpp, causing a heap-based buffer overflow. Exploitation is local and the exploit has been publicly disclosed. Details on affected pr...

OSV-2025-788 Heap-buffer-overflow in int arrow::bit_util::BitReader::GetBatch<int>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=447480433 Crash type: Heap-buffer-overflow READ 8 Crash state: int arrow::bitutil::BitReader::GetBatch auto arrow::util::RleBitPackedDecoder::GetBatch std::1::pair arrow::util::R...

UBUNTU-CVE-2022-43038

Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4BitReader::ReadCache function in mp42ts...

Out-of-bounds

In ReadLittleEndian of rawbitreader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

UBUNTU-CVE-2019-15047

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4BitReader::SkipBits at Core/Ap4Utils.cpp...