Lucene search
K

13 matches found

EUVD
EUVD
added yesterday4 views

EUVD-2026-41219

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

7.5CVSS5.8AI score0.00155EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/26 12:0 a.m.20 views

CVE-2026-36907

A stack overflow in the AP4StsdAtom::AP4StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.00125EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.12 views

PT-2026-48162

🚨 CVE-2025-55659 A NULL pointer dereference in the ctts box write function isomedia/box code base.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file. 🎖@cveNotify...

6.5CVSS5.3AI score0.00345EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/05/07 7:8 p.m.8 views

NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file

A flaw was found in NGINX Open Source, specifically within the ngxhttpmp4module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resultin...

8.5CVSS5.8AI score0.01031EPSS
Exploits0References5
CVE
CVE
added 2026/01/15 12:0 a.m.17 views

CVE-2025-70303

CVE-2025-70303 concerns GPAC v2.4.0, where the uncv_parse_config() function is vulnerable to a heap overflow (CNVD and Red Hat listings corroborate as a DoS risk). Exploitation involves processing a crafted MP4 file, leading to denial of service. Connected sources consistently describe a DoS outc...

5.5CVSS6.6AI score0.00188EPSS
Exploits1References1Affected Software1
RedHat Linux
RedHat Linux
added 2025/05/14 2:4 a.m.4 views

nginx: Memory disclosure in the ngx_http_mp4_module

A vulnerability was found in NGINX’s module, ngxhttpmp4module. This flaw allows a local attacker to cause a worker process crash or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products built with ngxhttpmp4module...

7.1CVSS7.3AI score0.01069EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.6 views

PT-2024-20300 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.5.1-628 Description: The issue is related to a Memory leak in the AP4 Movie::AP4 Movie function when parsing tracks and adding them to the m Tracks list. If an error occurs due to no audio track being found, mp42aac cannot...

6.5CVSS7AI score0.00643EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.2 views

SUSE CVE-2018-16845

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngxhttpmp4module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affec...

8.2CVSS6.7AI score0.09801EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2022/04/06 12:0 a.m.8 views

The vulnerability of the gf_m2ts_section_complete function in the media_tools/mpegts component of the GPAC multimedia platform allows a hacker to cause a service failure.

The vulnerability of the gfm2tssectioncomplete function in the mediatools/mpegts component of the GPAC multimedia platform is related to writing beyond buffer boundaries. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially created MP4 file...

7.1CVSS6.1AI score0.00959EPSS
Exploits1References6Affected Software3
CNNVD
CNNVD
added 2021/04/19 12:0 a.m.3 views

GPAC 代码问题漏洞

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A null pointer dereference vulnerability exists in GPAC version 1.0.1 in filters/reframelatm.c when calling gffilterpckgetdata. An attacker could exploit this vulnerability via a specially crafted mp4 file to...

5.5CVSS5.6AI score0.00868EPSS
Exploits1References3
CNVD
CNVD
added 2018/01/30 12:0 a.m.4 views

Ffmpeg 'libavfilter/vf_transpose.c' Denial of Service Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'filterslice' function in the libavfilter/vftranspose.c file in FFmpeg 3.4.1 and earlier versions. A remote attacker can exploit this vulnerability to...

6.5CVSS6.7AI score0.01661EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/06/27 12:0 a.m.2 views

PT-2017-3888 · Audiocoding +1 · Faad2 +1

Name of the Vulnerable Software and Affected Versions: FAAD2 version 2.7 Description: The issue is related to the mp4ff read stco function in the common/mp4ff/mp4atom.c file of the FAAD2 audio decoder. It involves a buffer overflow in memory, which can be exploited by an attacker using a speciall...

7.8CVSS6.5AI score0.01518EPSS
Exploits22References104
RedHat Linux
RedHat Linux
added 2015/12/09 1:36 p.m.4 views

flash-plugin: multiple code execution issues fixed in APSB15-32

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...

9.3CVSS6.2AI score0.06516EPSS
Exploits0References5
Rows per page
Query Builder