9 matches found
PT-2026-49274
A heap buffer overflow in the gf opus parse packet header function media tools/av parsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55648
GPAC MP4Box v2.4 is affected by a heap buffer overflow in gf_opus_parse_packet_header (media_tools/av_parsers.c) that can cause a Denial of Service when a crafted MP4 file is processed. This is a DoS by exploiting a memory-protection flaw in the parser; CVSS notes a local attack with user interac...
CVE-2025-55658
GPAC MP4Box v2.4 was discovered to contain a floating point exception in the gfopusparsepacketheader function mediatools/avparsers.c. bThis vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...
PT-2026-48161
GPAC MP4Box v2.4 was discovered to contain a floating point exception in the gf opus parse packet header function media tools/av parsers.c. bThis vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...
CVE-2025-55658
GPAC MP4Box v2.4 was discovered to contain a floating point exception in the gfopusparsepacketheader function mediatools/avparsers.c. bThis vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...
CVE-2026-40614
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...
CVE-2025-65102 PJSIP is vulnerable to buffer overflow in Opus PLC
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...
EUVD-2013-0910
Malware in sbrugna...
DEBIAN-CVE-2014-0044
The opuspacketgetsamplesperframe function in client in Mumble 1.2.4 and the 1.2.3 pre-release snapshots allows remote attackers to cause a denial of service crash via a crafted length prefix value, which triggers a NULL pointer dereference or a heap-based buffer over-read aka "out-of-bounds array...