Lucene search
K

1918 matches found

Tenable Nessus
Tenable Nessus
added 3 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-15185

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsubreadidx of the file /src/mediatools/vobsub.c of the component MP4Box. Executin...

4.8CVSS5.6AI score0.00112EPSS
Exploits0References3
NVD
NVD
added 4 days ago9 views

CVE-2026-15185

A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsubreadidx of the file /src/mediatools/vobsub.c of the component MP4Box. Executing a manipulation of the argument numlangs can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been...

4.8CVSS0.00112EPSS
Exploits0References8
CVE
CVE
added 4 days ago12 views

CVE-2026-15185

GPAC MP4Box (vobsub_read_idx in /src/media_tools/vobsub.c) is affected. Manipulating the num_langs argument can trigger an out-of-bounds read, locally exploitable. The issue is in GPAC 26.03-DEV and has publicly disclosed exploit details. A patch was applied via commits 532097084729a936bcdf6a27c4...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References8
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-15185 GPAC MP4Box vobsub.c vobsub_read_idx out-of-bounds

A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsubreadidx of the file /src/mediatools/vobsub.c of the component MP4Box. Executing a manipulation of the argument numlangs can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been...

4.8CVSS0.00112EPSS
Exploits0References8
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42590

A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsubreadidx of the file /src/mediatools/vobsub.c of the component MP4Box. Executing a manipulation of the argument numlangs can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References8
OSV
OSV
added 2026/07/06 11:45 a.m.2 views

CVE-2025-15668 GPAC MP4Box box_code_base.c sgpd_del_entry heap-based overflow

A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpddelentry of the file src/isomedia/boxcodebase.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The...

4.8CVSS6.1AI score0.00124EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/07/06 11:45 a.m.36 views

CVE-2025-15668 GPAC MP4Box box_code_base.c sgpd_del_entry heap-based overflow

A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpddelentry of the file src/isomedia/boxcodebase.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The...

4.8CVSS0.00124EPSS
Exploits0References8
EUVD
EUVD
added 2026/07/06 11:45 a.m.7 views

EUVD-2025-210430

A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpddelentry of the file src/isomedia/boxcodebase.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The...

4.8CVSS6.1AI score0.00124EPSS
Exploits0References8
CVE
CVE
added 2026/07/06 11:45 a.m.11 views

CVE-2025-15668

GPAC MP4Box contains a heap-based overflow in sgpd_del_entry (src/isomedia/box_code_base.c). Local access is required. The exploit is publicly available; a patch is identified as f29f955f2a3b5e8e507caad3e52319f961bf37bf. Affected version range is GPAC up to b40ce70f5. Remediation is to apply the ...

4.8CVSS6.1AI score0.00124EPSS
Exploits0References8
CVE
CVE
added 2026/07/06 11:15 a.m.14 views

CVE-2025-15667

GPAC MP4Box contains a vulnerability in gf_isom_nalu_sample_rewrite (src/isomedia/avc_ext.c) that can cause a double free. The issue affects GPAC up to 2.5-DEV and enables a local-attack where an attacker manipulates nalu_out_bs. Public exploit details exist. A patch named f29f955f2a3b5e8e507caad...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/07/06 11:15 a.m.35 views

CVE-2025-15667 GPAC MP4Box avc_ext.c gf_isom_nalu_sample_rewrite double free

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS0.00112EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-55930

Name of the Vulnerable Software and Affected Versions GPAC versions prior to b40ce70f5 Description A heap-based buffer overflow occurs in the MP4Box component within the sgpd del entry function located in the src/isomedia/box code base.c file. This issue is triggered by the manipulation of the da...

4.8CVSS6.1AI score0.00124EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-60467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidinstswapdeletetask function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial ...

7.5CVSS6AI score0.0051EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2025-60473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference in the gffilterinparentchain function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denia...

5.5CVSS6AI score0.00141EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2025-60466

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidgetpacket function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Servic...

5CVSS6AI score0.00121EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2025-60471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidreconfiguretaskdiscard function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a...

5.5CVSS6AI score0.00136EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2025-60474

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS...

7.5CVSS6.2AI score0.00579EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2025-60464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gfseiloadfromstateinternal function /filters/seiload.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Servi...

7.8CVSS6AI score0.00144EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2025-60465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the gffilterpidinstswap function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service...

6.1CVSS6AI score0.00135EPSS
Exploits1References3
NVD
NVD
added 2026/06/25 8:17 p.m.8 views

CVE-2025-60465

A use-after-free in the gffilterpidinstswap function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...

6.1CVSS0.00135EPSS
Exploits1References6
Rows per page
Query Builder