Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bento4 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-14259
In the SDK in Bento4 1.5.0-616, the AP4_StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.
Bento4 Bento4 1.5.0-616
7.8
CVSSv3
CVE-2017-14260
In the SDK in Bento4 1.5.0-616, the AP4_StssAtom class in Ap4StssAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.
Axiosys Bento4 1.5.0-616
7.5
CVSSv3
CVE-2022-3667
A vulnerability, which was classified as critical, was found in Axiomatic Bento4. This affects the function AP4_MemoryByteStream::WritePartial of the file Ap4ByteStream.cpp of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate ...
Axiosys Bento4 1.6.0-639
7.5
CVSSv3
CVE-2021-40941
In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service (DOS).
Axiosys Bento4 1.6.0-638
7.5
CVSSv3
CVE-2018-10790
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote malicious users to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac.
Axiosys Bento4 1.5.1.0
7.5
CVSSv3
CVE-2020-23330
An issue exists in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_Stz2Atom::GetSampleSize component located in /Core/Ap4Stz2Atom.cpp. It allows an malicious user to cause a denial of service (DOS).
Axiosys Bento4
7.5
CVSSv3
CVE-2020-23331
An issue exists in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_DescriptorListWriter::Action component located in /Core/Ap4Descriptor.h. It allows an malicious user to cause a denial of service (DOS).
Axiosys Bento4 -
7.5
CVSSv3
CVE-2020-23332
A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in /StdC/Ap4StdCFileByteStream.cpp of Bento4 version 06c39d9. This issue can lead to a denial of service (DOS).
Axiosys Bento4 -
7.5
CVSSv3
CVE-2020-23333
A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4Utils.h of Bento4 version 06c39d9. This can lead to a denial of service (DOS).
Axiosys Bento4
7.5
CVSSv3
CVE-2020-23334
A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a segmentation fault.
Axiosys Bento4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »