Lucene search
K

1889 matches found

Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52132

Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A use-after-free issue exists in the gf filter pid inst swap delete task function located in /filter core/filter pid.c. This flaw allows an attacker to trigger a Denial of Service DoS b...

7.5CVSS5.7AI score0.0051EPSS
Exploits1References12
Cvelist
Cvelist
added 2026/06/24 12:0 a.m.16 views

CVE-2025-60467

A use-after-free in the gffilterpidinstswapdeletetask function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted media file...

0.0051EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52140

Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A NULL pointer dereference occurs in the gf filter in parent chain function located in /filter core/filter pid.c. This issue allows an attacker to trigger a Denial of Service DoS by...

5.5CVSS5.8AI score0.00141EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-55639

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows...

6.5CVSS6.6AI score0.00352EPSS
Exploits1References3
CVE
CVE
added 2026/06/24 12:0 a.m.6 views

CVE-2025-60473

GPAC MP4Box before 26.02.0 is affected by a NULL pointer dereference in gf_filter_in_parent_chain (filter_core/filter_pid.c), enabling a Denial of Service when processing a crafted file. The issue is a code-level null dereference in the parent-chain filtering logic, with a CVSS v3.1 base score of...

5.5CVSS5.9AI score0.00141EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/06/24 12:0 a.m.9 views

CVE-2025-60466

GPAC MP4Box (before 26.02.0) is affected by a use-after-free in the function gf_filter_pid_get_packet within /filter_core/filter_pid.c, enabling potential DoS via crafted media files. The vulnerability is triggered by handling specific media content and may lead to process instability or crash. A...

5CVSS5.9AI score0.00121EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/06/24 12:0 a.m.7 views

CVE-2025-60467

GPAC Project/MP4Box prior to 26.02.0 is affected by a use-after-free in the gf_filter_pid_inst_swap_delete_task function (/filter_core/filter_pid.c). The issue can allow a Denial of Service when processing a crafted media file. The vulnerability is confirmed across multiple sources (NVD, CVE reco...

7.5CVSS5.9AI score0.0051EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/06/24 12:0 a.m.6 views

CVE-2025-60474

GPAC MP4Box up to version 26.01.x has a buffer overflow in the gf_media_import() function (in /media_tools/av_parsers.c). The underlining issue allows DoS via crafted input, affecting MP4Box before 26.02.0. Public sources consistently cite GPAC MP4Box versions prior to 26.02.0 as vulnerable, with...

7.5CVSS6.1AI score0.00579EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/06/24 12:0 a.m.5 views

CVE-2025-60471

GPAC MP4Box prior to 26.02.0 is affected by a use-after-free in gf_filter_pid_reconfigure_task_discard (located at /filter_core/filter_pid.c). This leads to Denial of Service when processing a crafted media file. The vulnerability is documented as CVE-2025-60471. Impact is described as availabili...

5.5CVSS5.9AI score0.00136EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2026/06/24 12:0 a.m.17 views

CVE-2025-60468

GPAC Multimedia Open Source Project GPAC Project/MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affected by: Buffer Overflow. The impact is: cause a denial of service local. The component is: filtercore/filterpid.c L:574-580: function gffilterpidinstswapdeletetask improperly accesses freed objects...

0.0013EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/23 6:31 p.m.6 views

EUVD-2025-210311

GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.5CVSS5.9AI score0.00352EPSS
Exploits1References5
OSV
OSV
added 2026/06/23 4:16 p.m.2 views

DEBIAN-CVE-2025-55639

GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.5CVSS5.9AI score0.00352EPSS
Exploits1References1
NVD
NVD
added 2026/06/23 4:16 p.m.9 views

CVE-2025-55639

GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.5CVSS0.00352EPSS
Exploits1References5
OSV
OSV
added 2026/06/23 4:16 p.m.3 views

UBUNTU-CVE-2025-55639

GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.5CVSS5.9AI score0.00352EPSS
Exploits1References2
CVE
CVE
added 2026/06/23 12:0 a.m.7 views

CVE-2025-55639

GPAC MP4Box v2.4 contains a NULL pointer dereference in gf_isom_add_track_kind() (isomedia/isom_write.c), enabling a Denial of Service via a crafted MP4 file. A PoC exists in public references; exploitation status is shown as available in the metrics. No patch/version mitigation is specified in t...

6.5CVSS5.9AI score0.00352EPSS
Exploits1References5Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in gpac

A vulnerability has been discovered in GPAC 2.5-DEV-rev228-g11067ea92-master. This vulnerability affects the xmtnodeend function in the src/scenemanager/loaderxmt.c file of the MP4Box component. The vulnerability allows for data to be accessed after it has been freed from memory, requiring local...

5.5CVSS5.5AI score0.00298EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.7 views

PT-2026-51526

Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A NULL pointer dereference exists in the gf isom add track kind function within the isomedia/isom write.c file. This issue allows a remote attacker to trigger a Denial of Service DoS by processing a speciall...

7.8CVSS5.8AI score0.00352EPSS
Exploits1References16
EUVD
EUVD
added 2026/06/15 9:30 p.m.7 views

EUVD-2025-210148

A NULL pointer dereference in the gfmediamapesd function mediatools/isomtools.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.2AI score0.00188EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/15 9:30 p.m.11 views

EUVD-2025-210142

GPAC MP4Box v2.4 was discovered to contain a floating point exception in the avidmxprocess function isomedia/isomwrite.c...

6.5CVSS5.2AI score0.00363EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/15 9:30 p.m.6 views

EUVD-2025-210150

A heap buffer overflow in the gfisomvpconfignew function isomedia/avcext.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.5AI score0.00202EPSS
Exploits1References3
Rows per page
Query Builder