Lucene search
K
GoproGpmf-parser

18 matches found

CVE
CVE
added 2019/12/30 3:49 a.m.113 views

CVE-2019-20088

CVE-2019-20088 refers to the GoPro GPMF-parser version 1.2.3, which has a heap-based buffer over-read in the GetPayload function of GPMF_mp4reader.c. The vulnerability is documented across multiple sources (NVD, Red Hat CVE page, etc.), with CVSS v3.1 scores indicating a HIGH severity if exploite...

7.8CVSS7.7AI score0.00856EPSS
CVE
CVE
added 2019/12/30 3:49 a.m.105 views

CVE-2019-20087

GoPro GPMF-parser 1.2.3 is affected by a heap-based buffer over-read in GPMF_seekToSamples (GPMF-parse.c) related to the "matching tags" feature. The issue is reported across multiple sources (NVD, Red Hat, OSV, CVE lists) and is tied to CVE-2019-20087. The vulnerability description consistently ...

8.8CVSS8.8AI score0.01036EPSS
CVE
CVE
added 2019/12/30 3:49 a.m.104 views

CVE-2019-20086

GoPro GPMF-parser 1.2.3 is vulnerable due to a heap-based buffer over-read in GPMF_Next (GPMF_parser.c). Affected component: GPMF-parser within GoPro products. Root cause: heap-based over-read in GPMF_Next; no further exploit details are provided in the connected documents. CVSS data from the ini...

8.8CVSS8.7AI score0.01036EPSS
CVE
CVE
added 2019/12/30 3:48 a.m.100 views

CVE-2019-20089

Affected software: GoPro GPMF-parser 1.2.3. Issue: a heap-based buffer over-read in GPMF_SeekToSamples within GPMF_parse.c used for size calculation. Root cause per description: reading beyond allocated memory boundaries, enabling an out-of-bounds read. Impact described in the sources as a heap/b...

7.8CVSS7.7AI score0.00779EPSS
CVE
CVE
added 2020/10/19 5:57 p.m.49 views

CVE-2020-16161

The CVE-2020-16161 entry concerns GoPro gpmf-parser 1.5, with a division-by-zero vulnerability in GPMF_ScaledData() when parsing malicious input. This can cause a crash (availability impact) as noted in the description and CVSS metrics (base score 5.0/7.5 depending on vector). The provided docume...

7.5CVSS7.5AI score0.01803EPSS
CVE
CVE
added 2018/06/29 2:0 p.m.48 views

CVE-2018-13008

CVE-2018-13008 affects the gpmf-parser 1.1.2 library. The vulnerability is a heap-based buffer over-read in the function the documents name as GPMF_Next inside GPMF_parser.c, triggered by certain checks for a positive nest_level. The connected records corroborate this as the same issue across mul...

9.8CVSS9.4AI score0.01753EPSS
CVE
CVE
added 2018/06/29 2:0 p.m.47 views

CVE-2018-13009

The CVE-2018-13009 entry concerns gpmf-parser 1.1.2, with a heap-based buffer over-read in GPMF_Next of GPMF_parser.c caused by certain checks for GPMF_KEY_END and nest_level (conditional on buffer_size_longs). Impact is high per CVSS (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). No remediation details ...

9.8CVSS9.4AI score0.01753EPSS
CVE
CVE
added 2020/10/19 5:44 p.m.47 views

CVE-2020-16158

CVE-2020-16158 concerns GoPro’s gpmf-parser up to version 1.5, where a stack out-of-bounds write occurs in the function GPMF_ExpandComplexTYPE() . Parsing crafted input can lead to a crash or potentially arbitrary code execution. The connected documents reaffirm the same description across multip...

8.8CVSS9AI score0.0194EPSS
CVE
CVE
added 2018/06/29 2:0 p.m.46 views

CVE-2018-13007

CVE-2018-13007 affects gpmf-parser 1.1.2. The issue is a heap-based buffer over-read in GPMF_Next of GPMF_parser.c, linked to checks for GPMF_KEY_END and nest_level that are not conditioned on a buffer_size_longs check. Public sources describe a heap-based out-of-bounds read with high/critical im...

9.8CVSS9.4AI score0.01753EPSS
CVE
CVE
added 2018/06/29 3:0 p.m.46 views

CVE-2018-13011

CVE-2018-13011 affects gpmf-parser version 1.1.2. The issue is a heap-based buffer over-read in GPMF_Validate (GPMF_parser.c), as described across multiple sources (NVD entry, CNVD, OSV, CVELIST). The vulnerability’s CVSSv3 base metrics indicate NETWORK vector, no user interaction, and HIGH impac...

9.8CVSS9.5AI score0.01753EPSS
CVE
CVE
added 2019/08/18 6:29 p.m.45 views

CVE-2019-15148

GoPro GPMF-parser 1.2.2 contains an out-of-bounds write in OpenMP4Source (demo/GPMF_mp4reader.c). The provided documents do not specify exploit details, affected versions beyond 1.2.2, or remediation steps; no in-the-wild exploit information is given. Monitor for official fixes or advisories in u...

6.5CVSS6.5AI score0.01142EPSS
CVE
CVE
added 2020/10/19 5:48 p.m.45 views

CVE-2020-16159

CVE-2020-16159 affects GoPro gpmf-parser 1.5. The issue is a heap out-of-bounds read in GPMF_ScaledData(), triggered by parsing malicious input, leading to a crash and potential information disclosure. Documents do not provide affected product versions beyond 1.5, exploitation details, or remedia...

9.1CVSS8.8AI score0.01555EPSS
CVE
CVE
added 2020/10/19 5:54 p.m.45 views

CVE-2020-16160

CVE-2020-16160 affects GoPro gpmf-parser 1.5. The root cause is a division-by-zero in the function GPMF_Decompress() when parsing input, which can lead to a crash. The vulnerability’s impact as per the data indicates availability disruption (CVSS3.1 base score 7.5, HIGH) but no exploitation detai...

7.5CVSS7.5AI score0.01293EPSS
CVE
CVE
added 2018/06/30 12:0 p.m.44 views

CVE-2018-13026

CVE-2018-13026 affects gpmf-parser version 1.1.2. The vulnerability is a heap-based buffer over-read in the function GPMF_Type within GPMF_parser.c. CNVD/CNVD-2019-34685 explicitly states the issue is a heap buffer overflow in GPMF_Type and notes an attacker can exploit this to cause a heap buffe...

9.8CVSS9.5AI score0.01552EPSS
CVE
CVE
added 2018/10/27 4:0 p.m.43 views

CVE-2018-18699

GoPro gpmf-parser 1.2.1 is affected by an out-of-bounds write in OpenMP4Source (GPMF_mp4reader.c). This CVE (CVE-2018-18699) is documented across multiple feeds (NVD, Red Hat, CNVD, osv, CVE lists) with a high-impact profile (NVD CVSSv3: 8.8, NETWORK, privileges NONE, UI REQUIRED; confidentiality...

8.8CVSS8.7AI score0.01375EPSS
CVE
CVE
added 2019/08/18 6:29 p.m.43 views

CVE-2019-15146

CVE-2019-15146 affects the GoPro GPMF-parser v1.2.2 . The vulnerability is a heap-based buffer over-read (4 bytes) in the function GPMF_Next within GPMF_parser.c . The incident arises from improper memory boundary checks, allowing reads past the allocated buffer. Documented impact in CVE entries ...

6.5CVSS6.5AI score0.01142EPSS
CVE
CVE
added 2019/08/18 6:29 p.m.43 views

CVE-2019-15147

CVE-2019-15147 affects GoPro GPMF-parser 1.2.2. The connected records confirm a vulnerability in GPMF_Next in GPMF_parser.c causing an out-of-bounds read and a SEGV. No explicit exploit details, impact clarifications, or remediation are provided in the sources beyond the description. Other entrie...

6.5CVSS6.4AI score0.01142EPSS
CVE
CVE
added 2018/10/09 8:0 p.m.42 views

CVE-2018-18190

CVE-2018-18190 affects GoPro gpmf-parser before 1.2.1. The issue is a divide-by-zero in the function GPMF_ScaledData within GPMF_parser.c that can cause a crash. Affected component is the GPMF data parser used by GoPro cameras. Public references indicate the vulnerability exists in versions prior...

5.5CVSS5.5AI score0.00879EPSS