Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
axiosys bento4 1.5.1.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-13238
An issue exists in Bento4 1.5.1.0. A memory allocation failure is unhandled in Core/Ap4SdpAtom.cpp and leads to crashes. When parsing input video, the program allocates a new buffer to parse an atom in the stream. The unhandled memory allocation failure causes a direct copy to a ...
Axiosys Bento4 1.5.1.0
7.8
CVSSv3
CVE-2018-5253
The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling.
Axiosys Bento4 1.5.1.0
7.5
CVSSv3
CVE-2018-10790
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote malicious users to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac.
Axiosys Bento4 1.5.1.0
7.8
CVSSv3
CVE-2019-20090
An issue exists in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp.
Axiosys Bento4 1.5.1.0
5.5
CVSSv3
CVE-2019-20091
An issue exists in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap4DecoderConfigDescriptor.cpp.
Axiosys Bento4 1.5.1.0
5.5
CVSSv3
CVE-2019-20092
An issue exists in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp.
Axiosys Bento4 1.5.1.0
7.8
CVSSv3
CVE-2019-17530
An issue exists in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
Axiosys Bento4 1.5.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2