Bento4 Security Vulnerabilities and Issues — Bento4 CVE List

Lucene search

AxiosysBento4

22 matches found

CVE•added 2022/03/21 11:15 p.m.•85 views

CVE-2022-27607

Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531.

8.1CVSS8.9AI score0.00468EPSS

CVE•added 2022/12/17 1:15 p.m.•52 views

CVE-2022-4584

A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to t...

8.8CVSS7.6AI score0.00105EPSS

CVE•added 2022/11/13 10:15 a.m.•50 views

CVE-2022-3974

A vulnerability classified as critical was found in Axiomatic Bento4. Affected by this vulnerability is the function AP4_StdcFileByteStream::ReadPartial of the file Ap4StdCFileByteStream.cpp of the component mp4info. The manipulation leads to heap-based buffer overflow. The attack can be launched r...

8.8CVSS7.7AI score0.00065EPSS

CVE•added 2022/10/03 2:15 p.m.•46 views

CVE-2022-41429

Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag.

8.8CVSS8.8AI score0.00133EPSS

CVE•added 2024/04/02 8:16 a.m.•44 views

CVE-2024-31003

Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial at Ap4ByteStream.cpp.

8.8CVSS7.9AI score0.06796EPSS

CVE•added 2024/04/02 8:16 a.m.•43 views

CVE-2024-31005

An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4MdhdAtom.cpp,AP4_MdhdAtom::AP4_MdhdAtom,mp4fragment

8.1CVSS7.8AI score0.07305EPSS

CVE•added 2022/10/03 2:15 p.m.•42 views

CVE-2022-41428

Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBits function in mp4mux.

8.8CVSS8.8AI score0.00123EPSS

CVE•added 2018/07/24 4:29 p.m.•37 views

CVE-2018-14584

An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read.

8.8CVSS8.7AI score0.00429EPSS

CVE•added 2018/07/24 4:29 p.m.•37 views

CVE-2018-14585

An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class.

8.8CVSS8.7AI score0.00429EPSS

CVE•added 2022/10/03 2:15 p.m.•37 views

CVE-2022-41430

Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux.

8.8CVSS8.8AI score0.00123EPSS

CVE•added 2018/07/24 4:29 p.m.•34 views

CVE-2018-14589

An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read.

8.8CVSS8.7AI score0.00429EPSS

CVE•added 2019/02/17 2:29 a.m.•34 views

CVE-2019-8378

An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4_BitStream::ReadBytes() in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It allows an attacker to cause a Denial of Service (Seg...

8.8CVSS7.2AI score0.00402EPSS

CVE•added 2019/08/14 4:15 p.m.•33 views

CVE-2019-15047

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp.

8.8CVSS8.7AI score0.00397EPSS

CVE•added 2019/02/17 2:29 a.m.•33 views

CVE-2019-8380

An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in AP4_Track::GetSampleIndexForTimeStampMs() located in Core/Ap4Track.cpp. It can triggered by sending a crafted file to the mp4audioclip binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or...

8.8CVSS8.9AI score0.00345EPSS

CVE•added 2021/09/20 4:15 p.m.•33 views

CVE-2021-32265

An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause code execution or information disclosure.

8.8CVSS8.5AI score0.00639EPSS

CVE•added 2019/08/14 4:15 p.m.•32 views

CVE-2019-15049

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp.

8.8CVSS8.7AI score0.00418EPSS

CVE•added 2018/07/24 4:29 p.m.•31 views

CVE-2018-14586

An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532.

8.8CVSS9AI score0.00474EPSS

CVE•added 2019/08/14 4:15 p.m.•31 views

CVE-2019-15048

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp.

8.8CVSS8.8AI score0.00414EPSS

CVE•added 2019/08/14 4:15 p.m.•31 views

CVE-2019-15050

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp.

8.8CVSS8.7AI score0.00418EPSS

CVE•added 2018/07/24 4:29 p.m.•30 views

CVE-2018-14587

An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read.

8.8CVSS8.8AI score0.00429EPSS

CVE•added 2019/02/17 2:29 a.m.•30 views

CVE-2019-8382

An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in the function AP4_List:Find located in Core/Ap4List.h when called from Core/Ap4Movie.cpp. It can be triggered by sending a crafted file to the mp4dump binary. It allows an attacker to cause a Denial of Service (Segment...

8.8CVSS8.9AI score0.00345EPSS

CVE•added 2019/03/01 7:29 p.m.•29 views

CVE-2019-9544

An issue was discovered in Bento4 1.5.1-628. An out of bounds write occurs in AP4_CttsTableEntry::AP4_CttsTableEntry() located in Core/Ap4Array.h. It can be triggered by sending a crafted file to (for example) the mp42hls binary. It allows an attacker to cause Denial of Service (Segmentation fault)...

8.8CVSS9.1AI score0.00402EPSS