Lucene search
K

182 matches found

EUVD
EUVD
added 2026/06/25 12:33 a.m.5 views

EUVD-2025-210331

A use-after-free in the gffilterpidinstswapdeletetask function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...

7.5CVSS5.9AI score0.0051EPSS
Exploits1References6
EUVD
EUVD
added 2026/06/25 12:33 a.m.5 views

EUVD-2025-210335

A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...

7.5CVSS6.1AI score0.00579EPSS
Exploits1References6
CVE
CVE
added 2026/06/25 12:0 a.m.8 views

CVE-2025-60465

GPAC Project/MP4Box prior to 26.02.0 is affected by CVE-2025-60465 due to a use-after-free in the function gf_filter_pid_inst_swap (in /filter_core/filter_pid.c). The vulnerability allows an attacker to trigger a Denial of Service by processing a crafted media file. The documented remediation is ...

6.1CVSS5.9AI score0.00135EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52558

Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A use-after-free issue exists in the gf sei load from state internal function located in /filters/sei load.c. This occurs when the software processes a specially crafted MPEG-2 TS file,...

7.8CVSS5.7AI score0.00144EPSS
Exploits1References9
NVD
NVD
added 2026/06/24 11:16 p.m.11 views

CVE-2025-60474

A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...

7.5CVSS0.00579EPSS
Exploits1References6
NVD
NVD
added 2026/06/24 11:16 p.m.11 views

CVE-2025-60467

A use-after-free in the gffilterpidinstswapdeletetask function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...

7.5CVSS0.0051EPSS
Exploits1References6
OSV
OSV
added 2026/06/24 11:16 p.m.2 views

UBUNTU-CVE-2025-60474

A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...

7.5CVSS6AI score0.00579EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-52140

Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A NULL pointer dereference occurs in the gf filter in parent chain function located in /filter core/filter pid.c. This issue allows an attacker to trigger a Denial of Service DoS by...

5.5CVSS5.8AI score0.00141EPSS
Exploits1References10
Cvelist
Cvelist
added 2026/06/24 12:0 a.m.16 views

CVE-2025-60474

A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...

0.00579EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49275

A NULL pointer dereference in the gf media map esd function media tools/isom tools.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.3AI score0.00188EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.30 views

CVE-2025-55645

A heap buffer overflow in the gfcencsetpssh function isomedia/drmsample.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

0.00235EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49271

A heap use-after-free in the gf node get tag function scenegraph/base scenegraph.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.3AI score0.00188EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/15 12:0 a.m.7 views

CVE-2025-55648

A heap buffer overflow in the gfopusparsepacketheader function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.6AI score0.00235EPSS
Exploits1References1
OSV
OSV
added 2026/06/13 12:7 a.m.11 views

OSV-2026-907 Heap-use-after-free in gf_sg_route_del

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=523017644 Crash type: Heap-use-after-free READ 8 Crash state: gfsgroutedel gfsgreset gfsgdel...

5.3AI score
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

GPAC MP4Box 代码问题漏洞

GPAC MP4Box is a open-source multimedia packager from GPAC. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Version 2.4 of GPAC MP4Box has a code vulnerability cause...

7.5CVSS5.3AI score0.00467EPSS
Exploits1References1
OSV
OSV
added 2026/06/05 12:9 a.m.9 views

OSV-2026-855 Heap-use-after-free in gf_sg_reset

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519588196 Crash type: Heap-use-after-free READ 8 Crash state: gfsgreset gfsgdel fuzzscene.c...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/06/01 3:16 p.m.7 views

UBUNTU-CVE-2025-60485

A segmentation violation in the gfisomapplesettagex function /isomedia/isomwrite.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/09 10:8 a.m.8 views

CVE-2019-20168

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-free in the function gfisomboxdumpex in isomedia/boxfuncs.c...

5.5CVSS6.9AI score0.00763EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:49 a.m.10 views

CVE-2022-27145

GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gfisomgetsampleformovietime of mp4box...

5.5CVSS6.7AI score0.00776EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/19 7:32 a.m.5 views

CVE-2025-60091

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Zoho CRM and Bigin gf-zoho allows Object Injection.This issue affects WP Gravity Forms Zoho CRM and Bigin: from n/a through = 1.2.9...

9.8CVSS7AI score0.00386EPSS
Exploits0References1
Rows per page
Query Builder