Writeup Exploits

60,502 exploits tracked across all sources.

Sort: Activity Stars
CVE-2024-22749 WRITEUP HIGH
GPAC v2.3 - Buffer Overflow in gf_isom_new_generic_sample_description
GPAC v2.3 was detected to contain a buffer overflow via the function gf_isom_new_generic_sample_description function in the isomedia/isom_write.c:4577
CVSS 7.8
CVE-2023-50120 WRITEUP MEDIUM
GPAC 2.3-DEV-rev636-gfbd7e13aa-master - Denial of Service via Infinite Loop in av1_uvlc Function
MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop in the function av1_uvlc at media_tools/av_parsers.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
CVSS 5.5
CVE-2023-48958 WRITEUP MEDIUM
gpac 2.3-DEV-rev617-g671976fcc-master - Memory Leak in gf_mpd_resolve_url
gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url media_tools/mpd.c:4589.
CVSS 5.5
CVE-2023-48090 WRITEUP HIGH
GPAC 2.3-DEV-rev617-g671976fcc-master - Memory Leak in extract_attributes Function
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329.
CVSS 7.1
CVE-2023-48039 WRITEUP MEDIUM
GPAC 2.3-DEV-rev617-g671976fcc-master - Memory Leak in gf_mpd_parse_string
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75.
CVSS 5.5
CVE-2023-48014 WRITEUP HIGH
GPAC v2.3-DEV-rev566-g50c2ab06f-master - Stack Overflow in HEVC VPS Extension Parser
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at /media_tools/av_parsers.c.
CVSS 7.8
CVE-2023-48013 WRITEUP HIGH
GPAC v2.3-DEV-rev566-g50c2ab06f-master - Use-After-Free via gf_filterpacket_del Function
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a double free via the gf_filterpacket_del function at /gpac/src/filter_core/filter.c.
CVSS 7.8
CVE-2023-48011 WRITEUP HIGH
GPAC v2.3-DEV-rev566-g50c2ab06f-master - Use-After-Free in flush_ref_samples
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c.
CVSS 7.8
CVE-2023-47465 WRITEUP MEDIUM
GPAC < 2.2.1 - Denial of Service via ctts_box_read Function
An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c.
CVSS 5.5
CVE-2023-47384 WRITEUP MEDIUM
gpac v2.3-DEV-rev617-g671976fcc-master - Denial of Service via Memory Leak in gf_isom_add_chapter
MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the function gf_isom_add_chapter at /isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
CVSS 5.5
CVE-2023-4683 WRITEUP MEDIUM
gpac < 2.3-dev - NULL Pointer Dereference
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV.
CVSS 5.5
CVE-2023-46932 WRITEUP CRITICAL
GPAC 2.3-DEV-rev617-g671976fcc-master - Heap Buffer Overflow in str2ulong Function
Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_tools/avilib.c in gpac/MP4Box.
CVSS 9.8
CVE-2023-46931 WRITEUP MEDIUM
GPAC 2.3-DEV-rev605-gfc9e29089-master - Buffer Overflow
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in ffdmx_parse_side_data /afltest/gpac/src/filters/ff_dmx.c:202:14 in gpac/MP4Box.
CVSS 5.5
CVE-2023-46930 WRITEUP MEDIUM
GPAC 2.3-DEV-rev605-gfc9e29089-master - Memory Corruption
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c:522:14.
CVSS 5.5
CVE-2023-46929 WRITEUP HIGH
GPAC 2.3-DEV-rev605-gfc9e29089-master - Denial of Service in MP4Box AVC VUI Parser
An issue discovered in GPAC 2.3-DEV-rev605-gfc9e29089-master in MP4Box in gf_avc_change_vui /afltest/gpac/src/media_tools/av_parsers.c:6872:55 allows attackers to crash the application.
CVSS 7.5
CVE-2023-46928 WRITEUP MEDIUM
GPAC 2.3-DEV-rev605-gfc9e29089-master - Memory Corruption
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_media_change_pl /afltest/gpac/src/media_tools/isom_tools.c:3293:42.
CVSS 5.5
CVE-2023-46927 WRITEUP MEDIUM
GPAC 2.3-DEV-rev605-gfc9e29089-master - Heap-Based Buffer Overflow in gf_isom_use_compact_size
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in gpac/MP4Box.
CVSS 5.5
CVE-2023-46871 WRITEUP MEDIUM
GPAC < 2.3-dev-rev602-ged8424300-master - Denial of Service via Memory Leak in NewSFDouble
GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service.
CVSS 5.3
CVE-2023-46427 WRITEUP CRITICAL
Gpac <2.3-DEV-rev588-g7edc40fee-master - RCE/DoS/Info Disclosure
An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), and obtain sensitive information via null pointer deference in gf_dash_setup_period component in media_tools/dash_client.c.
CVSS 9.8
CVE-2023-46426 WRITEUP HIGH
gpac 2.3-DEV-rev588-g7edc40fee-master - Heap-based Buffer Overflow in gf_fwrite
Heap-based Buffer Overflow vulnerability in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) via gf_fwrite component in at utils/os_file.c.
CVSS 8.8
CVE-2023-46001 WRITEUP MEDIUM
gpac MP4Box 2.3-DEV-rev573-g201320819-master - Buffer Overflow in gf_isom_get_user_data
Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in gf_isom_get_user_data.
CVSS 5.5
CVE-2023-42298 WRITEUP MEDIUM
GPAC < 2.2.1 - Denial of Service via Q_DecCoordOnUnitSphere Function
An issue in GPAC GPAC v.2.2.1 and before allows a local attacker to cause a denial of service via the Q_DecCoordOnUnitSphere function of file src/bifs/unquantize.c.
CVSS 5.5
CVE-2023-41000 WRITEUP MEDIUM
GPAC < 2.2.1 - Use-After-Free in gf_bifs_flush_command_list
GPAC through 2.2.1 has a use-after-free vulnerability in the function gf_bifs_flush_command_list in bifs/memory_decoder.c.
CVSS 5.5
CVE-2023-39562 WRITEUP MEDIUM
GPAC v2.3-DEV-rev449-g5948e4f70-master - Use-After-Free in gf_bs_align Function
GPAC v2.3-DEV-rev449-g5948e4f70-master was discovered to contain a heap-use-after-free via the gf_bs_align function at bitstream.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted file.
CVSS 5.5
CVE-2023-37767 WRITEUP MEDIUM
GPAC v2.3-DEV-rev381-g817a848f6-master - Out-of-bounds Write in BM_ParseIndexValueReplace
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib/libgpac.so.
CVSS 5.5
By Source
All 60,502 Writeup 60,502 Exploitdb 50,014 Nomisec 21,946 Metasploit 3,232 Github 2,965 Vulncheck_xdb 909 Inthewild 514 Gitlab 443 Gitee 415 Patchapalooza 312
By Language
text 31,346 python 6,217 ruby 5,922 c 3,592 perl 2,849 html 2,056 php 1,327 bash 460 java 364 c++ 252 javascript 220 shell 100 go 64 postscript 25 xml 24