Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bento4 bento4 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-5253
The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling.
Axiosys Bento4 1.5.1.0
7.8
CVSSv3
CVE-2019-20090
An issue exists in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp.
Axiosys Bento4 1.5.1.0
7.8
CVSSv3
CVE-2019-17529
An issue exists in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
Axiosys Bento4 1.5.1.0
7.8
CVSSv3
CVE-2019-17530
An issue exists in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
Axiosys Bento4 1.5.1.0
7.5
CVSSv3
CVE-2018-10790
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote malicious users to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac.
Axiosys Bento4 1.5.1.0
5.5
CVSSv3
CVE-2022-29017
Bento4 v1.6.0.0 exists to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S.
Axiosys Bento4 1.6.0.0
6.5
CVSSv3
CVE-2024-25451
Bento4 v1.6.0-640 exists to contain an out-of-memory bug via the AP4_DataBuffer::ReallocateBuffer() function.
Axiosys Bento4 1.6.0-640
5.5
CVSSv3
CVE-2024-25452
Bento4 v1.6.0-640 exists to contain an out-of-memory bug via the AP4_UrlAtom::AP4_UrlAtom() function.
Axiosys Bento4 1.6.0-640
5.5
CVSSv3
CVE-2024-25453
Bento4 v1.6.0-640 exists to contain a NULL pointer dereference via the AP4_StszAtom::GetSampleSize() function.
Axiosys Bento4 1.6.0-640
5.5
CVSSv3
CVE-2024-25454
Bento4 v1.6.0-640 exists to contain a NULL pointer dereference via the AP4_DescriptorFinder::Test() function.
Axiosys Bento4 1.6.0-640
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »