40 matches found
EUVD-2019-17231
Malware in sbrugna...
EUVD-2022-38059
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-20095
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as...
Linux Distros Unpatched Vulnerability : CVE-2019-7699
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer over-read occurs in AP4BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627. Remote attackers could leverage this...
CVE-2018-20095
An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls...
CVE-2025-25944
Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4RtpAtom::AP4RtpAtom, during the execution of mp4fragment with a crafted MP4 input file...
CVE-2025-25947
An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file...
CVE-2025-25947
An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file...
CVE-2025-25947
An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file...
CVE-2025-25944
Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4RtpAtom::AP4RtpAtom, during the execution of mp4fragment with a crafted MP4 input file...
CVE-2025-25947
An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file...
CVE-2025-25944
Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4RtpAtom::AP4RtpAtom, during the execution of mp4fragment with a crafted MP4 input file...
CVE-2025-25946
An issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specifically in AP4MarlinIpmpEncryptingProcessor::Initialize and AP4Processor::Process, during the execution of mp4encrypt with a specially crafted MP4 input file...
CVE-2025-25944
CVE-2025-25944 describes a buffer overflow in Bento4 v1.6.0-641 that allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp constructor (AP4_RtpAtom::AP4_RtpAtom) during mp4fragment on a crafted MP4 input. The affected component is Bento4 (C++ library for MP4 I/O). The descripti...
CVE-2025-25946
CVE-2025-25946 affects Bento4 v1.6.0-641. The issue is a memory leak exploitable via mp4encrypt, due to code in Ap4Marlin.cpp and Ap4Processor.cpp (AP4_MarlinIpmpEncryptingProcessor::Initialize and AP4_Processor::Process). A crafted MP4 input file triggers the leak. Affected components/files and ...
CVE-2025-25947
CVE-2025-25947 affects Bento4 v1.6.0-641, where a segmentation fault can be triggered by crafted MP4 input in AP4_AtomParent::RemoveChild invoked during mp4encrypt. The vulnerability is tied to Bento4’s Ap4Atom.cpp handling. Connected sources confirm the affected version and function, but do not ...
CVE-2025-25947
An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file...
CVE-2022-35165
An issue in AP4SgpdAtom::AP4SgpdAtom of Bento4-1.6.0-639 allows attackers to cause a Denial of Service DoS via a crafted mp4 input...
CVE-2022-35165
An issue in AP4SgpdAtom::AP4SgpdAtom of Bento4-1.6.0-639 allows attackers to cause a Denial of Service DoS via a crafted mp4 input...
Input validation
An issue in AP4SgpdAtom::AP4SgpdAtom of Bento4-1.6.0-639 allows attackers to cause a Denial of Service DoS via a crafted mp4 input...