jeanlf

110 exploits Active since Mar 2020
CVE-2021-31259 WRITEUP MEDIUM WRITEUP
Gpac - NULL Pointer Dereference
The gf_isom_cenc_get_default_info_internal function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-31260 WRITEUP MEDIUM WRITEUP
Gpac - NULL Pointer Dereference
The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-31261 WRITEUP MEDIUM WRITEUP
Gpac - Memory Corruption
The gf_hinter_track_new function in GPAC 1.0.1 allows attackers to read memory via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-31262 WRITEUP MEDIUM WRITEUP
Gpac - NULL Pointer Dereference
The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32132 WRITEUP MEDIUM WRITEUP
Gpac - NULL Pointer Dereference
The abst_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32134 WRITEUP MEDIUM WRITEUP
Gpac - NULL Pointer Dereference
The gf_odf_desc_copy function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32135 WRITEUP MEDIUM WRITEUP
Gpac - NULL Pointer Dereference
The trak_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32136 WRITEUP HIGH WRITEUP
Gpac - Out-of-Bounds Write
Heap buffer overflow in the print_udta function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
CVSS 7.8
CVE-2021-32137 WRITEUP MEDIUM WRITEUP
Gpac - Out-of-Bounds Write
Heap buffer overflow in the URL_GetProtocolType function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
CVSS 5.5
CVE-2021-32138 WRITEUP MEDIUM WRITEUP
Gpac - NULL Pointer Dereference
The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32139 WRITEUP MEDIUM WRITEUP
Gpac - NULL Pointer Dereference
The gf_isom_vp_config_get function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32268 WRITEUP HIGH WRITEUP
Gpac < 1.0.1 - Out-of-Bounds Write
Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1.
CVSS 7.8
CVE-2021-32437 WRITEUP MEDIUM WRITEUP
Gpac - NULL Pointer Dereference
The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32438 WRITEUP MEDIUM WRITEUP
Gpac - NULL Pointer Dereference
The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32439 WRITEUP HIGH WRITEUP
Gpac - Buffer Overflow
Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
CVSS 7.8
CVE-2021-32440 WRITEUP MEDIUM WRITEUP
Gpac - NULL Pointer Dereference
The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-33361 WRITEUP MEDIUM WRITEUP
MP4Box <1.0.1 - Info Disclosure
Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS 5.5
CVE-2021-33362 WRITEUP HIGH WRITEUP
GPAC 1.0.1 - Buffer Overflow
Stack buffer overflow in the hevc_parse_vps_extension function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
CVSS 7.8
CVE-2021-33363 WRITEUP MEDIUM WRITEUP
MP4Box <1.0.1 - Info Disclosure
Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS 5.5
CVE-2021-33364 WRITEUP MEDIUM WRITEUP
GPAC 1.0.1 - Memory Corruption
Memory leak in the def_parent_box_new function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS 5.5
CVE-2021-33365 WRITEUP MEDIUM WRITEUP
MP4Box <1.0.1 - Info Disclosure
Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS 5.5
CVE-2021-33366 WRITEUP MEDIUM WRITEUP
MP4Box <1.0.1 - Memory Corruption
Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS 5.5
CVE-2021-40562 WRITEUP MEDIUM WRITEUP
Gpac <1.0.1 - Memory Corruption
A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.
CVSS 5.5
CVE-2021-40563 WRITEUP MEDIUM WRITEUP
Gpac <1.0.1 - Use After Free
A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service.
CVSS 5.5
CVE-2021-40564 WRITEUP MEDIUM WRITEUP
Gpac <1.0.2 - Memory Corruption
A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service.
CVSS 5.5