Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gpac mp4box 1.0.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-41459
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability.
Gpac Mp4box 1.0.1
7.5
CVSSv3
CVE-2021-41456
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability.
Gpac Mp4box 1.0.1
7.5
CVSSv3
CVE-2021-41457
There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability.
Gpac Mp4box 1.1.0
5.5
CVSSv3
CVE-2021-31256
Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0.1 allows malicious users to read memory via a crafted file.
Gpac Gpac 1.0.1
5.5
CVSSv3
CVE-2021-32132
The abst_box_size function in GPAC 1.0.1 allows malicious users to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
Gpac Gpac 1.0.1
5.5
CVSSv3
CVE-2021-32134
The gf_odf_desc_copy function in GPAC 1.0.1 allows malicious users to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
Gpac Gpac 1.0.1
5.5
CVSSv3
CVE-2021-32135
The trak_box_size function in GPAC 1.0.1 allows malicious users to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
Gpac Gpac 1.0.1
5.5
CVSSv3
CVE-2021-32138
The DumpTrackInfo function in GPAC 1.0.1 allows malicious users to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
Gpac Gpac 1.0.1
5.5
CVSSv3
CVE-2021-32139
The gf_isom_vp_config_get function in GPAC 1.0.1 allows malicious users to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
Gpac Gpac 1.0.1
5.5
CVSSv3
CVE-2021-32437
The gf_hinter_finalize function in GPAC 1.0.1 allows malicious users to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
Gpac Gpac 1.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »