Writeup Exploits

60,504 exploits tracked across all sources.

Sort: Activity Stars
CVE-2021-44926 WRITEUP MEDIUM
gpac 1.1.0-DEV - Null Pointer Dereference in gf_node_get_tag
A null pointer dereference vulnerability exists in gpac 1.1.0-DEV in the gf_node_get_tag function, which causes a segmentation fault and application crash.
CVSS 5.5
CVE-2021-44925 WRITEUP MEDIUM
gpac 1.1.0 - Null Pointer Dereference in gf_svg_get_attribute_name
A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name function, which causes a segmentation fault and application crash.
CVSS 5.5
CVE-2021-44924 WRITEUP MEDIUM
gpac 1.1.0 - Denial of Service via Infinite Loop in gf_log
An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, which causes a Denial of Service.
CVSS 5.5
CVE-2021-44923 WRITEUP MEDIUM
gpac 0.9.0-1.1.0 - Null Pointer Dereference in gf_dump_vrml_dyn_field.isra
A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra function, which causes a segmentation fault and application crash.
CVSS 5.5
CVE-2021-44922 WRITEUP MEDIUM
gpac 1.1.0 - Null Pointer Dereference in BD_CheckSFTimeOffset
A null pointer dereference vulnerability exists in gpac 1.1.0 in the BD_CheckSFTimeOffset function, which causes a segmentation fault and application crash.
CVSS 5.5
CVE-2021-44921 WRITEUP MEDIUM
gpac 1.1.0 - Null Pointer Dereference in gf_isom_parse_movie_boxes_internal
A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_isom_parse_movie_boxes_internal function, which causes a segmentation fault and application crash.
CVSS 5.5
CVE-2021-44920 WRITEUP MEDIUM
gpac 1.1.0 - Invalid Memory Address Dereference in dump_od_to_saf.isra
An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash.
CVSS 5.5
CVE-2021-44919 WRITEUP MEDIUM
gpac 1.1.0-DEV - Null Pointer Dereference in gf_sg_vrml_mf_alloc
A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc function in gpac 1.1.0-DEV, which causes a segmentation fault and application crash.
CVSS 5.5
CVE-2021-44918 WRITEUP MEDIUM
gpac 1.1.0 - Null Pointer Dereference in gf_node_get_field
A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, which can cause a segmentation fault and application crash.
CVSS 5.5
CVE-2021-41459 WRITEUP HIGH
MP4Box 1.0.1 - Denial of Service via Stack Buffer Overflow in nhmldmx_send_sample
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability.
CVSS 7.5
CVE-2021-41458 WRITEUP MEDIUM
GPAC MP4Box 1.1.0 - Denial of Service via Stack Buffer Overflow in Error Handling
In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability.
CVSS 5.5
CVE-2021-41457 WRITEUP HIGH
MP4Box 1.1.0 - Denial of Service via Stack Buffer Overflow in nhmldmx_init_parsing
There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability.
CVSS 7.5
CVE-2021-41456 WRITEUP HIGH
MP4Box 1.0.1 - Denial of Service via Stack Buffer Overflow in nhmldmx_send_sample
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability.
CVSS 7.5
CVE-2021-40944 WRITEUP MEDIUM
GPAC MP4Box 1.1.0 - Denial of Service via Null Pointer Dereference in gf_filter_pid_get_packet
In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5394, as demonstrated by GPAC. This can cause a denial of service (DOS).
CVSS 5.5
CVE-2021-40942 WRITEUP MEDIUM
GPAC MP4Box <1.1.0 - Buffer Overflow
In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the function filter_parse_dyn_args function in filter_core/filter.c:1454, as demonstrated by GPAC. This can cause a denial of service (DOS).
CVSS 5.5
CVE-2021-40609 WRITEUP MEDIUM
GPAC < 2.0.0 - Denial of Service via Crafted MP4Box File
The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-40608 WRITEUP MEDIUM
GPAC < 2.0.0 - Denial of Service via Crafted MP4Box File
The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-40607 WRITEUP MEDIUM
GPAC < 2.0.0 - Denial of Service via Crafted MP4 File in MP4Box
The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-40606 WRITEUP MEDIUM
GPAC < 2.0.0 - Denial of Service via gf_bs_write_data in MP4Box
The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-40592 WRITEUP MEDIUM
GPAC < 1.0.1 - Denial of Service via Infinite Loop in ISOBMFF Reader
GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition ('infinite loop') vulnerability in ISOBMFF reader filter, isoffin_read.c. Function isoffin_process() can result in DoS by infinite loop. To exploit, the victim must open a specially crafted mp4 file.
CVSS 5.5
CVE-2021-40576 WRITEUP MEDIUM
gpac 1.0.1 - Denial of Service via Null Pointer Dereference in gf_isom_get_payt_count
The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gf_isom_get_payt_count function in hint_track.c, which allows attackers to cause a denial of service.
CVSS 5.5
CVE-2021-40575 WRITEUP MEDIUM
GPAC MP4Box - Denial of Service via Null Pointer Dereference in mpgviddmx_process
The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the mpgviddmx_process function in reframe_mpgvid.c, which allows attackers to cause a denial of service. This vulnerability is possibly due to an incomplete fix for CVE-2021-40566.
CVSS 5.5
CVE-2021-40574 WRITEUP HIGH
Gpac MP4Box <1.0.1 - Code Execution
The binary MP4Box in Gpac from 0.9.0-preview to 1.0.1 has a double-free vulnerability in the gf_text_get_utf8_line function in load_text.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
CVSS 7.8
CVE-2021-40574 WRITEUP HIGH
Gpac MP4Box <1.0.1 - Code Execution
The binary MP4Box in Gpac from 0.9.0-preview to 1.0.1 has a double-free vulnerability in the gf_text_get_utf8_line function in load_text.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
CVSS 7.8
CVE-2021-40574 WRITEUP HIGH
Gpac MP4Box <1.0.1 - Code Execution
The binary MP4Box in Gpac from 0.9.0-preview to 1.0.1 has a double-free vulnerability in the gf_text_get_utf8_line function in load_text.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
CVSS 7.8
By Source
All 60,504 Writeup 60,504 Exploitdb 50,014 Nomisec 21,952 Metasploit 3,232 Github 2,971 Vulncheck_xdb 909 Inthewild 514 Gitlab 443 Gitee 415 Patchapalooza 312
By Language
text 31,346 python 6,222 ruby 5,922 c 3,592 perl 2,849 html 2,056 php 1,327 bash 460 java 364 c++ 252 javascript 220 shell 101 go 64 postscript 25 xml 24