Aurelien David

44 exploits Active since Mar 2018
CVE-2025-60477 WRITEUP MEDIUM WRITEUP
GPAC Project/MP4Box < 26.02.0 - Denial of Service via Crafted File in gf_filter_pid_resolve_file_template_ex
A NULL pointer dereference in the gf_filter_pid_resolve_file_template_ex function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted file.
CVSS 5.0
CVE-2025-60481 WRITEUP MEDIUM WRITEUP
GPAC Project/MP4Box < 26.02.0 - Denial of Service via Crafted AC4 File
A NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function (/odf/descriptors.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted AC4 file.
CVSS 5.5
CVE-2025-60483 WRITEUP MEDIUM WRITEUP
GPAC Project/MP4Box < 26.02.0 - Denial of Service via Crafted AC4 File
A NULL pointer dereference in the gf_ac4_pres_b_4_back_channels_present function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted AC4 file.
CVSS 5.5
CVE-2025-60485 WRITEUP MEDIUM WRITEUP
GPAC Project/MP4Box < 26.02.0 - Denial of Service via Crafted MP4 File
A segmentation violation in the gf_isom_apple_set_tag_ex function (/isomedia/isom_write.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVSS 5.5
CVE-2025-60486 WRITEUP MEDIUM WRITEUP
GPAC Project/MP4Box < 26.02.0 - Denial of Service via Heap Use-After-Free in dasher_process
A heap use-after-free in the dasher_process function (/filters/dasher.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG-2 file.
CVSS 5.5
CVE-2026-9572 WRITEUP LOW WRITEUP
GPAC MP4Box media.c Media_GetSample memory leak
A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function Media_GetSample of the file src/isomedia/media.c of the component MP4Box. Such manipulation of the argument cat leads to memory leak. The attack can only be performed from a local environment. The exploit has been disclosed publicly and may be used. The name of the patch is e79c5cbe8b3fed27f4854ec229457d30c96206f1. It is best practice to apply a patch to resolve this issue.
CVSS 3.3
CVE-2026-9567 WRITEUP LOW WRITEUP
GPAC MP4Box isom_intern.c MergeFragment null pointer dereference
A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isom_intern.c of the component MP4Box. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks. The patch is identified as 525bf1af642c30af04e4df5345e6d798c0a4d8a1. It is advisable to implement a patch to correct this issue.
CVSS 3.3
CVE-2026-8124 WRITEUP LOW WRITEUP
GPAC box_code_base.c sidx_box_read allocation of resources
A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidx_box_read of the file src/isomedia/box_code_base.c. The manipulation leads to allocation of resources. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The identifier of the patch is 442e2299530138d8f874fd885c565ba98a6318ba. It is suggested to install a patch to address this issue.
CVSS 3.3
CVE-2026-39103 WRITEUP MEDIUM WRITEUP
GPAC <v391dc7f4d234988ea0bc3cc294eb725eddf8f702 - Buffer Overflow
Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svg_attributes.c, svg_parse_strings(), gf_svg_parse_attribute()
CVSS 5.5
CVE-2026-7135 WRITEUP MEDIUM WRITEUP
GPAC MP4Box box_code_base.c elng_box_read out-of-bounds
A security flaw has been discovered in GPAC up to 26.03-DEV-rev105-g8f39a1eb3-master. Affected by this vulnerability is the function elng_box_read of the file src/isomedia/box_code_base.c of the component MP4Box. Performing a manipulation of the argument elng results in out-of-bounds read. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks. The patch is named cf6ac48c972eaaee2af270adc3f36615325deb3e. The affected component should be upgraded.
CVSS 5.3
CVE-2026-33144 WRITEUP MEDIUM WRITEUP
GPAC MP4Box Heap Buffer Overflow Write in gf_xml_parse_bit_sequence_bs (NHML BS Parsing)
GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow (write) vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gf_xml_parse_bit_sequence_bs function in utils/xml_bin_custom.c when processing a crafted NHML file containing malicious <BS> (BitSequence) elements. An attacker can exploit this by providing a specially crafted NHML file, causing an out-of-bounds write on the heap. This issue has been via commit 86b0e36.
CVSS 5.8
CVE-2026-27821 WRITEUP HIGH WRITEUP
gpac <= 26.02.0 - Stack-based Buffer Overflow in NHML File Parser
GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in `src/filters/dmx_nhml.c`. The value of the xmlHeaderEnd XML attribute is copied from att->value into szXmlHeaderEnd[1000] using strcpy() without any length validation. If the input exceeds 1000 bytes, it overwrites beyond the stack buffer boundary. Commit 9bd7137fded2db40de61a2cf3045812c8741ec52 patches the issue.
CVSS 7.8
CVE-2018-13006 WRITEUP CRITICAL WRITEUP
Debian Linux - Out-of-Bounds Read
An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump.
CVSS 9.8
CVE-2018-20760 WRITEUP HIGH WRITEUP
GPAC < 0.7.1 - Out-of-bounds Write in gf_text_get_utf8_line
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.
CVSS 7.8
CVE-2018-20761 WRITEUP HIGH WRITEUP
GPAC < 0.7.1 - Buffer Overflow in gf_sm_load_init
GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.
CVSS 7.8
CVE-2018-20762 WRITEUP HIGH WRITEUP
GPAC < 0.7.1 - Buffer Overflow via Crafted Filenames in MP4Box
GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames.
CVSS 7.8
CVE-2018-20763 WRITEUP HIGH WRITEUP
GPAC < 0.7.1 - Out-of-bounds Write in gf_text_get_utf8_line
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.
CVSS 7.8
CVE-2018-21017 WRITEUP MEDIUM WRITEUP
GPAC 0.7.1 - Use-After-Free in dinf_Read
GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_base.c.
CVSS 6.5
CVE-2018-7752 WRITEUP HIGH WRITEUP
GPAC < 0.7.1 - Buffer Overflow in gf_media_avc_read_sps
GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100.
CVSS 7.8
CVE-2019-11222 WRITEUP HIGH WRITEUP
GPAC 0.7.1 - Out-of-bounds Write in gf_bin128_parse
gf_bin128_parse in utils/os_divers.c in GPAC 0.7.1 has a buffer overflow issue for the crypt feature when encountering a crafted_drm_file.xml file.
CVSS 7.8
CVE-2019-20208 WRITEUP MEDIUM WRITEUP
GPAC 0.5.2-0.8.0 - Stack-based Buffer Overflow in dimC_Read
dimC_Read in isomedia/box_code_3gpp.c in GPAC from 0.5.2 to 0.8.0 has a stack-based buffer overflow.
CVSS 5.5
CVE-2020-11558 WRITEUP CRITICAL WRITEUP
GPAC 0.8.0 - Use-After-Free in audio_sample_entry_Read
An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audio_sample_entry_Read in isomedia/box_code_base.c does not properly decide when to make gf_isom_box_del calls. This leads to various use-after-free outcomes involving mdia_Read, gf_isom_delete_movie, and gf_isom_parse_movie_boxes.
CVSS 9.8
CVE-2020-24829 WRITEUP MEDIUM WRITEUP
GPAC 0.5.2-0.8.0 - Heap-Based Buffer Overflow in MP4Box via Crafted MP4 File
An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file.
CVSS 5.5
CVE-2023-0760 WRITEUP HIGH WRITEUP
gpac < 2.2.0 - Heap-based Buffer Overflow
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV.
CVSS 7.8
CVE-2023-0817 WRITEUP HIGH WRITEUP
gpac < 2.3.0-dev - Buffer Over-read
Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV.
CVSS 7.8