zhangteng0526 - Security Researcher - Exploit Intelligence Platform

CVE-2024-30808 WRITEUP LOW WRITEUP

Axiosys Bento4 - Use After Free

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in AP4_SubStream::~AP4_SubStream at Ap4ByteStream.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42ts.

CVSS 2.7

View Code

CVE-2024-31002 WRITEUP CRITICAL WRITEUP

Axiosys Bento4 - Out-of-Bounds Write

Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4 BitReader::ReadCache() at Ap4Utils.cpp component.

CVSS 9.8

View Code

CVE-2024-31004 WRITEUP CRITICAL WRITEUP

Axiosys Bento4 - Code Injection

An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4StsdAtom.cpp,AP4_StsdAtom::AP4_StsdAtom,mp4fragment.

CVSS 9.8

View Code

CVE-2024-31005 WRITEUP HIGH WRITEUP

Axiosys Bento4 - Code Injection

An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4MdhdAtom.cpp,AP4_MdhdAtom::AP4_MdhdAtom,mp4fragment

CVSS 8.1

View Code

CVE-2024-40427 WRITEUP HIGH WRITEUP

PX4-Autopilot <1.14.3 - Buffer Overflow

Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute

CVSS 7.9

View Code