Lucene search
+L

1473 matches found

EUVD
EUVD
added 2026/07/02 12:31 a.m.9 views

EUVD-2026-41219

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

7.5CVSS5.8AI score0.00343EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 12:0 a.m.16 views

CVE-2026-36910

The vulnerability affects MPC-BE (Aleksoid1978) where an access violation occurs in BaseSplitterFile::Read prior to commit 4341cb3, enabling DoS via a crafted MP4 file. The issue is described consistently across multiple trusted sources (NVD, CVE records, EUVD, CVE list, PT Security, AttackersKB,...

5.5CVSS5.8AI score0.00113EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/30 12:0 a.m.9 views

The vulnerability of the gf_isom_add_track_kind() function in the isomedia/isom_write.c file, implemented by the MP4Box encoder for the GPAC multimedia platform, allows a malicious actor to cause service interruptions using a specially created MP4 file.

The vulnerability of the gfisomaddtrackkind function in the isomedia/isomwrite.c file, belonging to the MP4Box encoder of the GPAC multimedia platform, is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause service failures through the use of a...

7.8CVSS5.9AI score0.00352EPSS
Exploits1References7Affected Software2
NVD
NVD
added 2026/06/26 10:16 p.m.12 views

CVE-2026-36908

A stack overflow in the AP4Array::EnsureCapacity component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS0.00142EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 10:16 p.m.11 views

CVE-2026-36907

A stack overflow in the AP4StsdAtom::AP4StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS0.00125EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 12:0 a.m.21 views

CVE-2026-36907

A stack overflow in the AP4StsdAtom::AP4StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.00125EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 12:0 a.m.23 views

CVE-2026-36908

A stack overflow in the AP4Array::EnsureCapacity component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.00142EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 8:17 p.m.10 views

CVE-2025-60464

A use-after-free in the gfseiloadfromstateinternal function /filters/seiload.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG-2 TS file...

7.8CVSS0.00144EPSS
Exploits1References6
OSV
OSV
added 2026/06/25 8:17 p.m.4 views

UBUNTU-CVE-2025-60464

A use-after-free in the gfseiloadfromstateinternal function /filters/seiload.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG-2 TS file...

7.8CVSS5.8AI score0.00144EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/06/25 12:0 a.m.22 views

CVE-2025-60464

A use-after-free in the gfseiloadfromstateinternal function /filters/seiload.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG-2 TS file...

0.00144EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.14 views

PT-2026-52558

Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A use-after-free issue exists in the gf sei load from state internal function located in /filters/sei load.c. This occurs when the software processes a specially crafted MPEG-2 TS file,...

7.8CVSS5.7AI score0.00144EPSS
Exploits1References10
CVE
CVE
added 2026/06/25 12:0 a.m.14 views

CVE-2025-60464

GPAC MP4Box contains a use-after-free in gf_sei_load_from_state_internal (in /filters/sei_load.c) affecting builds before 26.02.0. This vulnerability can allow a Denial of Service when processing a crafted MPEG-2 TS file. The issue is described across multiple sources (NVD/NVD variant, AttackersK...

7.8CVSS5.9AI score0.00144EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-52127

Name of the Vulnerable Software and Affected Versions MP4Box version 2.5-DEV-rev1593-gfe88c3545-master Description A heap use-after-free occurs when the gf filter pid inst swap delete task function in the filter core/filter pid.c component improperly accesses objects after they have been freed...

5.5CVSS5.8AI score0.0013EPSS
Exploits1References8
Mageia
Mageia
added 2026/06/16 4:58 a.m.76 views

Updated libsndfile packages fix security vulnerabilities

CVE-2025-52194 A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircamreadheader function at src/ircam.c:164 during sample rate processing, leading to memory corruption a...

8.2CVSS6AI score0.00585EPSS
Exploits3References1
NVD
NVD
added 2026/06/16 2:16 a.m.11 views

CVE-2026-1765

A flaw was found in the tracker-extract-mp3 component of GNOME localsearch previously known as tracker-miners. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denia...

5.6CVSS0.00139EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 12:34 a.m.54 views

CVE-2026-1766

CVE-2026-1766 concerns GNOME localsearch (tracker-extract-mp3) and its MP3 Extractor, where a heap buffer overflow occurs while parsing MP3 files with malformed ID3v2.3 COMM tags. Exploitation can cause DoS (crash) and may disclose heap data. Public advisories and patches exist across multiple ve...

6.1CVSS5.5AI score0.00158EPSS
Exploits1References2Affected Software2
NVD
NVD
added 2026/06/15 8:16 p.m.10 views

CVE-2025-55644

A heap use-after-free in the gfnodegettag function scenegraph/basescenegraph.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00188EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.13 views

PT-2026-49271

A heap use-after-free in the gf node get tag function scenegraph/base scenegraph.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.3AI score0.00188EPSS
Exploits1References2
OSV
OSV
added 2026/06/12 12:26 p.m.10 views

OESA-2026-2665 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: When calculating the...

8.7CVSS5.8AI score0.00172EPSS
Exploits0References2
OSV
OSV
added 2026/06/12 12:26 p.m.11 views

OESA-2026-2663 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: FFmpeg 4.2 is affected ...

8.8CVSS7.2AI score0.02468EPSS
Exploits6References8
Rows per page
Query Builder