Total
146 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-57598 | 1 Axiosys | 1 Bento4 | 2025-05-15 | N/A | 6.5 MEDIUM |
| A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in function AP4_TfraAtom() of Ap4TfraAtom.cpp which allows a remote attacker to cause a denial of service vulnerability. | |||||
| CVE-2025-25947 | 1 Axiosys | 1 Bento4 | 2025-05-13 | N/A | 5.5 MEDIUM |
| An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4_AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file. | |||||
| CVE-2025-25946 | 1 Axiosys | 1 Bento4 | 2025-05-13 | N/A | 5.5 MEDIUM |
| An issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specifically in AP4_MarlinIpmpEncryptingProcessor::Initialize and AP4_Processor::Process, during the execution of mp4encrypt with a specially crafted MP4 input file. | |||||
| CVE-2025-25945 | 1 Axiosys | 1 Bento4 | 2025-05-13 | N/A | 6.5 MEDIUM |
| An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the Mp4Fragment.cpp and in AP4_DescriptorFactory::CreateDescriptorFromStream at Ap4DescriptorFactory.cpp. | |||||
| CVE-2025-25944 | 1 Axiosys | 1 Bento4 | 2025-05-13 | N/A | 7.3 HIGH |
| Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4_RtpAtom::AP4_RtpAtom, during the execution of mp4fragment with a crafted MP4 input file. | |||||
| CVE-2025-25943 | 1 Axiosys | 1 Bento4 | 2025-05-13 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2Atom::AP4_Stz2Atom component located in Ap4Stz2Atom.cpp. | |||||
| CVE-2025-25942 | 1 Axiosys | 1 Bento4 | 2025-05-13 | N/A | 6.5 MEDIUM |
| An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid files. Specifically, memory allocated in SampleArray::SampleArray in Mp4Fragment.cpp is not properly released. | |||||
| CVE-2022-40885 | 1 Axiosys | 1 Bento4 | 2025-05-09 | N/A | 5.5 MEDIUM |
| Bento4 v1.6.0-639 has a memory allocation issue that can cause denial of service. | |||||
| CVE-2022-40884 | 1 Axiosys | 1 Bento4 | 2025-05-09 | N/A | 5.5 MEDIUM |
| Bento4 1.6.0 has memory leaks via the mp4fragment. | |||||
| CVE-2022-43038 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 6.5 MEDIUM |
| Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadCache() function in mp42ts. | |||||
| CVE-2022-43037 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.6.0-639. There is a memory leak in the function AP4_File::ParseStream in /Core/Ap4File.cpp. | |||||
| CVE-2022-43035 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac. | |||||
| CVE-2022-43034 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer overflow vulnerability in the AP4_BitReader::SkipBits(unsigned int) function in mp42ts. | |||||
| CVE-2022-43033 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2022-43032 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 v1.6.0-639. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42aac. | |||||
| CVE-2024-25454 | 1 Axiosys | 1 Bento4 | 2025-05-08 | N/A | 5.5 MEDIUM |
| Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_DescriptorFinder::Test() function. | |||||
| CVE-2024-31002 | 1 Axiosys | 1 Bento4 | 2025-05-07 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4 BitReader::ReadCache() at Ap4Utils.cpp component. | |||||
| CVE-2024-31003 | 1 Axiosys | 1 Bento4 | 2025-05-07 | N/A | 8.8 HIGH |
| Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial at Ap4ByteStream.cpp. | |||||
| CVE-2024-31005 | 1 Axiosys | 1 Bento4 | 2025-05-07 | N/A | 8.1 HIGH |
| An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4MdhdAtom.cpp,AP4_MdhdAtom::AP4_MdhdAtom,mp4fragment | |||||
| CVE-2017-14260 | 1 Axiosys | 1 Bento4 | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| In the SDK in Bento4 1.5.0-616, the AP4_StssAtom class in Ap4StssAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file. | |||||