GoPro Inc

5 exploits Active since Oct 2020
CVE-2020-16161 WRITEUP HIGH WRITEUP
GoPro gpmf-parser 1.5 - Denial of Service via Division By Zero in GPMF_ScaledData()
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_ScaledData(). Parsing malicious input can result in a crash.
CVSS 7.5
CVE-2020-16158 WRITEUP HIGH WRITEUP
gopro/gpmf-parser < 1.5 - Stack Out-of-Bounds Write in GPMF_ExpandComplexTYPE()
GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerability in GPMF_ExpandComplexTYPE(). Parsing malicious input can result in a crash or potentially arbitrary code execution.
CVSS 8.8
CVE-2020-16159 WRITEUP CRITICAL WRITEUP
GoPro gpmf-parser 1.5 - Heap Out-of-Bounds Read in GPMF_ScaledData()
GoPro gpmf-parser 1.5 has a heap out-of-bounds read and segfault in GPMF_ScaledData(). Parsing malicious input can result in a crash or information disclosure.
CVSS 9.1
CVE-2020-16160 WRITEUP HIGH WRITEUP
gopro gpmf-parser 1.5 - Denial of Service via Division By Zero in GPMF_Decompress()
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Decompress(). Parsing malicious input can result in a crash.
CVSS 7.5
CVE-2020-16161 WRITEUP HIGH WRITEUP
GoPro gpmf-parser 1.5 - Denial of Service via Division By Zero in GPMF_ScaledData()
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_ScaledData(). Parsing malicious input can result in a crash.
CVSS 7.5