EUVD-2025-210153

A segmentation violation in the TrackSetStreamDescriptor function isomedia/track.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

DEBIAN-CVE-2025-55657

A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

PT-2026-48161

GPAC MP4Box v2.4 was discovered to contain a floating point exception in the gf opus parse packet header function media tools/av parsers.c. bThis vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

CVE-2026-7135

A security flaw has been discovered in GPAC up to 26.03-DEV-rev105-g8f39a1eb3-master. Affected by this vulnerability is the function elngboxread of the file src/isomedia/boxcodebase.c of the component MP4Box. Performing a manipulation of the argument elng results in out-of-bounds read. The attack...

CVE-2026-4015

A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtinprocesstexml of the file src/filters/loadtext.c of the component TeXML File Parser. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit...

CVE-2026-1417

A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dumpisomrtp of the file applications/mp4box/filedump.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been made available to the public and coul...

CVE-2025-70299

A heap overflow in the aviparseinputfile function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted AVI file...

EUVD-2019-10718

Malware in sbrugna...

EUVD-2020-3909

Malware in sbrugna...

EUVD-2021-32072

Malicious code in bioql PyPI...

EUVD-2023-34291

Malicious code in bioql PyPI...

EUVD-2023-57882

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-3178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV. CVE-2022-3178 Note that Nessus relies on the presence of the package as reported by the...

PT-2025-30079 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: GPAC versions up to 2.4 Description: A null pointer dereference issue exists in the gf dash download init segment function within the src/media tools/dash client.c file. Manipulation of the base init url argument can trigger this issue. This...

CVE-2024-0322

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV...

CVE-2020-11558

An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audiosampleentryRead in isomedia/boxcodebase.c does not properly decide when to make gfisomboxdel calls. This leads to various use-after-free outcomes involving mdiaRead, gfisomdeletemovie, and gfisomparsemovieboxes...

CVE-2021-30014

There is a integer overflow in mediatools/avparsers.c in the hevcparseslicesegment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash...

CVE-2019-20208

dimCRead in isomedia/boxcode3gpp.c in GPAC from 0.5.2 to 0.8.0 has a stack-based buffer overflow...

Linux Distros Unpatched Vulnerability : CVE-2022-43044

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gfisomgetmetaiteminfo at /isomedia/meta.c...

CVE-2019-20171

An issue was discovered in GPAC version 0.5.2 and 0.9.0-development-20191109. There are memory leaks in metxNew in isomedia/boxcodebase.c and abstRead in isomedia/boxcodeadobe.c...