Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bento4 bento4 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-14642
A NULL pointer dereference exists in the AP4_HdlrAtom class in Bento4 version 1.5.0-617. The vulnerability causes a segmentation fault and application crash in AP4_StdcFileByteStream::ReadPartial in System/StdC/Ap4StdCFileByteStream.cpp, which leads to remote denial of service.
Bento4 Bento4 1.5.0-617
8.8
CVSSv3
CVE-2017-14644
A heap-based buffer overflow exists in the AP4_HdlrAtom class in Bento4 1.5.0-617. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution.
Bento4 Bento4 1.5.0-617
7.8
CVSSv3
CVE-2017-14258
In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h file contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.
Bento4 Bento4 1.5.0-616
7.8
CVSSv3
CVE-2017-14259
In the SDK in Bento4 1.5.0-616, the AP4_StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.
Bento4 Bento4 1.5.0-616
7.8
CVSSv3
CVE-2017-14261
In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file.
Bento4 Bento4 1.5.0-616
8.8
CVSSv3
CVE-2021-32265
An issue exists in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an malicious user to cause code execution or information disclosure.
Axiosys Bento4
5.5
CVSSv3
CVE-2017-12475
The AP4_Processor::Process function in Core/Ap4Processor.cpp in Bento4 mp4encrypt prior to 1.5.0-616 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.
Axiosys Bento4
7.5
CVSSv3
CVE-2020-23334
A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a segmentation fault.
Axiosys Bento4
6.5
CVSSv3
CVE-2022-40737
An issue exists in Bento4 up to and including 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4_ByteStream::Write and AP4_HdlrAtom::WriteFields.
Axiosys Bento4
6.5
CVSSv3
CVE-2022-40738
An issue exists in Bento4 up to and including 1.6.0-639. A NULL pointer dereference occurs in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, called from AP4_EsDescriptor::WriteFields and AP4_Expandable::Write.
Axiosys Bento4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »