CVE-2023-1655 – Heap-based Buffer Overflow in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-1655
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0. • https://github.com/gpac/gpac/commit/e7f96c2d3774e4ea25f952bcdf55af1dd6e919f4 https://huntr.dev/bounties/05f1d1de-bbfd-43fe-bdf9-7f73419ce7c9 • CWE-122: Heap-based Buffer Overflow
CVE-2023-1654 – Denial of Service in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-1654
Denial of Service in GitHub repository gpac/gpac prior to 2.4.0. • https://github.com/gpac/gpac/commit/2c055153d401b8c49422971e3a0159869652d3da https://huntr.dev/bounties/33652b56-128f-41a7-afcc-10641f69ff14 https://www.debian.org/security/2023/dsa-5411 • CWE-400: Uncontrolled Resource Consumption
CVE-2023-1452 – GPAC load_text.c buffer overflow
https://notcve.org/view.php?id=CVE-2023-1452
A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/load_text.c. The manipulation leads to buffer overflow. The attack requires local access. • https://github.com/gpac/gpac/issues/2386 https://github.com/xxy1126/Vuln/blob/main/gpac/1.mp4 https://vuldb.com/?ctiid.223297 https://vuldb.com/?id.223297 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-1449 – GPAC av_parsers.c gf_av1_reset_state double free
https://notcve.org/view.php?id=CVE-2023-1449
A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of the file media_tools/av_parsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. • https://github.com/gpac/gpac/issues/2387 https://github.com/xxy1126/Vuln/blob/main/gpac/2 https://vuldb.com/?ctiid.223294 https://vuldb.com/?id.223294 • CWE-415: Double Free
CVE-2023-1448 – GPAC mpegts.c gf_m2ts_process_sdt heap-based overflow
https://notcve.org/view.php?id=CVE-2023-1448
A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. • https://github.com/gpac/gpac/issues/2388 https://github.com/xxy1126/Vuln/blob/main/gpac/3 https://vuldb.com/?ctiid.223293 https://vuldb.com/?id.223293 • CWE-122: Heap-based Buffer Overflow