238 matches found
CVE-2026-4016
A security vulnerability has been detected in GPAC 26.03-DEV. Affected by this vulnerability is the function svginprocess of the file src/filters/loadsvg.c of the component SVG Parser. The manipulation leads to out-of-bounds write. Local access is required to approach this attack. The exploit has...
DEBIAN-CVE-2026-1415
A vulnerability was identified in GPAC up to 2.4.0. Affected is the function gfmediaexportwebvttmetadata of the file src/mediatools/mediaexport.c. The manipulation of the argument Name leads to null pointer dereference. The attack must be carried out locally. The exploit is publicly available and...
CVE-2025-70310
A heap overflow in the vorbistointern function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .ogg file...
CVE-2025-70305
A stack overflow in the dmxsaf function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .saf file...
CVE-2025-70302
A heap overflow in the ghidmxdeclareopidbin function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-70307
A stack overflow in the dumpttxtsample function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted packet...
CVE-2025-70310
A heap overflow in the vorbistointern function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .ogg file...
CVE-2025-70308
An out-of-bounds read in the GSF demuxer filter component of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .gsf file...
CVE-2025-70309
A stack overflow in the pcmreframeflushpacket function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted WAV file...
UBUNTU-CVE-2025-70304
A buffer overflow in the vobsubgetsubpicduration function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted packet...
CVE-2025-70298
GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmxparsetags function...
UBUNTU-CVE-2025-70308
An out-of-bounds read in the GSF demuxer filter component of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .gsf file...
CVE-2025-70310
GPAC v2.4.0 contains a heap overflow in the vorbis_to_intern() function, exploitable via a crafted .ogg file to cause a Denial of Service. Multiple connected sources (CNVD, Red Hat, Debian/OSV, NVD) corroborate a DoS-inducing overflow in vorbis_to_intern, with CVSS/metrics indicating a local atta...
CVE-2025-70309
A stack overflow in the pcmreframeflushpacket function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted WAV file...
CVE-2025-70299
A heap overflow in the aviparseinputfile function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted AVI file...
EUVD-2026-2739
A stack overflow in the pcmreframeflushpacket function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted WAV file...
CVE-2025-70302
GPAC vulnerability CVE-2025-70302: A heap overflow in the ghi_dmx_declare_opid_bin() function of GPAC v2.4.0 can be triggered by crafted input to cause a Denial of Service. The issue is rooted in improper handling/validation of the input length, leading to heap-based memory corruption. Multiple c...
CVE-2025-70307
A stack overflow in the dumpttxtsample function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted packet...
CVE-2025-70305
A stack overflow in the dmxsaf function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .saf file...
CVE-2025-70308
An out-of-bounds read in the GSF demuxer filter component of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .gsf file...