Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bento4 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-14545
There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow malicious users to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts.
Axiosys Bento4 1.5.1-624
6.8
CVSSv2
CVE-2018-14589
An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read.
Axiosys Bento4 1.5.1-624
4.3
CVSSv2
CVE-2019-13959
In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186.
Axiosys Bento4 1.5.1-627
NA
CVE-2022-3813
A vulnerability classified as problematic has been found in Axiomatic Bento4. This affects an unknown part of the component mp4edit. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...
Axiosys Bento4 1.6.0-639
4.3
CVSSv2
CVE-2019-7697
An issue exists in Bento4 v1.5.1-627. There is an assertion failure in AP4_AtomListWriter::Action in Core/Ap4Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42hls.
Axiosys Bento4 1.5.1-627
4.3
CVSSv2
CVE-2019-7698
An issue exists in AP4_Array<AP4_CttsTableEntry>::EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls, a related issue to CVE-2018-20095.
Axiosys Bento4 1.5.1-627
4.3
CVSSv2
CVE-2018-14544
There exists one invalid memory read bug in AP4_SampleDescription::GetFormat() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow malicious users to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts.
Axiosys Bento4 1.5.1-624
4.3
CVSSv2
CVE-2019-16349
Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class.
Axiosys Bento4 1.5.1-628
5.8
CVSSv2
CVE-2022-27607
Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531.
Axiosys Bento4 1.6.0-639
4.3
CVSSv2
CVE-2019-7699
A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627. Remote attackers could leverage this vulnerability to cause an exception via crafted mp4 input, which leads to a denial of service.
Axiosys Bento4 1.5.1-627
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »