Writeup Exploits

60,504 exploits tracked across all sources.

Sort: Activity Stars
CVE-2021-32438 WRITEUP MEDIUM
GPAC 1.0.1 - Denial of Service via NULL Pointer Dereference in gf_media_export_filters
The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32437 WRITEUP MEDIUM
GPAC 1.0.1 - Denial of Service via NULL Pointer Dereference in gf_hinter_finalize
The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32271 WRITEUP HIGH
gpac < 1.0.1 - Stack-Based Buffer Overflow in DumpRawUIConfig
An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution.
CVSS 7.8
CVE-2021-32270 WRITEUP MEDIUM
gpac < 1.0.1 - Denial of Service via NULL Pointer Dereference in vwid_box_del
An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function vwid_box_del located in box_code_base.c. It allows an attacker to cause Denial of Service.
CVSS 5.5
CVE-2021-32269 WRITEUP MEDIUM
gpac < 1.0.1 - Denial of Service via NULL Pointer Dereference in ilst_item_box_dump
An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilst_item_box_dump located in box_dump.c. It allows an attacker to cause Denial of Service.
CVSS 5.5
CVE-2021-32268 WRITEUP HIGH
gpac < 1.0.1 - Out-of-bounds Write in gf_fprintf
Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1.
CVSS 7.8
CVE-2021-32139 WRITEUP MEDIUM
GPAC 1.0.1 - Denial of Service via NULL Pointer Dereference in gf_isom_vp_config_get
The gf_isom_vp_config_get function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32138 WRITEUP MEDIUM
GPAC 1.0.1 - Denial of Service via NULL Pointer Dereference in DumpTrackInfo
The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32137 WRITEUP MEDIUM
GPAC 1.0.1 - Heap Buffer Overflow in URL_GetProtocolType
Heap buffer overflow in the URL_GetProtocolType function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
CVSS 5.5
CVE-2021-32136 WRITEUP HIGH
GPAC 1.0.1 - Heap Buffer Overflow in MP4Box print_udta Function
Heap buffer overflow in the print_udta function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
CVSS 7.8
CVE-2021-32135 WRITEUP MEDIUM
GPAC 1.0.1 - Denial of Service via Crafted MP4 File in MP4Box
The trak_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32134 WRITEUP MEDIUM
GPAC 1.0.1 - Denial of Service via NULL Pointer Dereference in gf_odf_desc_copy
The gf_odf_desc_copy function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-32132 WRITEUP MEDIUM
GPAC 1.0.1 - Denial of Service via Crafted MP4Box File
The abst_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-31262 WRITEUP MEDIUM
GPAC 1.0.1 - Denial of Service via AV1_DuplicateConfig NULL Pointer Dereference
The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-31261 WRITEUP MEDIUM
GPAC 1.0.1 - Memory Read via Crafted MP4Box File
The gf_hinter_track_new function in GPAC 1.0.1 allows attackers to read memory via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-31260 WRITEUP MEDIUM
GPAC 1.0.1 - Denial of Service via NULL Pointer Dereference in MergeTrack Function
The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-31259 WRITEUP MEDIUM
GPAC 1.0.1 - Denial of Service via NULL Pointer Dereference in gf_isom_cenc_get_default_info_internal
The gf_isom_cenc_get_default_info_internal function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-31258 WRITEUP MEDIUM
GPAC 1.0.1 - Denial of Service via NULL Pointer Dereference in gf_isom_set_extraction_slc
The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-31257 WRITEUP MEDIUM
GPAC 1.0.1 - Denial of Service via Crafted MP4Box HintFile Input
The HintFile function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
CVSS 5.5
CVE-2021-31256 WRITEUP MEDIUM
GPAC - Memory Leak in stbl_GetSampleInfos Function
Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVSS 5.5
CVE-2021-31255 WRITEUP HIGH
GPAC 1.0.1 - Buffer Overflow in MP4Box abst_box_read Function
Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
CVSS 7.8
CVE-2021-31254 WRITEUP HIGH
GPAC 1.0.1 - Out-of-bounds Write in tenc_box_read Function
Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes.
CVSS 7.8
CVE-2021-30199 WRITEUP MEDIUM
GPAC 1.0.1 - Null Pointer Dereference in gf_filter_pck_get_data
In filters/reframe_latm.c in GPAC 1.0.1 there is a Null Pointer Dereference, when gf_filter_pck_get_data is called. The first arg pck may be null with a crafted mp4 file,which results in a crash.
CVSS 5.5
CVE-2021-30022 WRITEUP MEDIUM
GPAC 0.5.2-1.0.1 - Integer Overflow in av_parsers.c
There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only has 255 unit, so there is an overflow, which results a crash.
CVSS 5.5
CVE-2021-30022 WRITEUP MEDIUM
GPAC 0.5.2-1.0.1 - Integer Overflow in av_parsers.c
There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only has 255 unit, so there is an overflow, which results a crash.
CVSS 5.5
By Source
All 60,504 Writeup 60,504 Exploitdb 50,014 Nomisec 21,952 Metasploit 3,232 Github 2,971 Vulncheck_xdb 909 Inthewild 514 Gitlab 443 Gitee 415 Patchapalooza 312
By Language
text 31,346 python 6,222 ruby 5,922 c 3,592 perl 2,849 html 2,056 php 1,327 bash 460 java 364 c++ 252 javascript 220 shell 101 go 64 postscript 25 xml 24