CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-24155
https://notcve.org/view.php?id=CVE-2024-24155
28 Feb 2024 — Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly delete when we got an no audio track found error. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mp4 file. Bento4 v1.5.1-628 contiene una pérdida de memoria en AP4_Movie::AP4_Movie, analizando pistas y agregándolas a la lista m_Tracks, pero mp42aac no puede eliminarse correctamente cuando recibimos un error de no encontrar pista de ... • https://github.com/axiomatic-systems/Bento4/issues/919 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2024-25453
https://notcve.org/view.php?id=CVE-2024-25453
09 Feb 2024 — Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_StszAtom::GetSampleSize() function. Se descubrió que Bento4 v1.6.0-640 contenía una desreferencia de puntero NULL a través de la función AP4_StszAtom::GetSampleSize(). • https://github.com/axiomatic-systems/Bento4/issues/204 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25452
https://notcve.org/view.php?id=CVE-2024-25452
09 Feb 2024 — Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_UrlAtom::AP4_UrlAtom() function. Se descubrió que Bento4 v1.6.0-640 contenía un error de falta de memoria a través de la función AP4_UrlAtom::AP4_UrlAtom(). • https://github.com/axiomatic-systems/Bento4/issues/873 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25454
https://notcve.org/view.php?id=CVE-2024-25454
09 Feb 2024 — Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_DescriptorFinder::Test() function. Se descubrió que Bento4 v1.6.0-640 contenía una desreferencia de puntero NULL a través de la función AP4_DescriptorFinder::Test(). • https://github.com/axiomatic-systems/Bento4/issues/875 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25451
https://notcve.org/view.php?id=CVE-2024-25451
09 Feb 2024 — Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_DataBuffer::ReallocateBuffer() function. Se descubrió que Bento4 v1.6.0-640 contenía un error de falta de memoria a través de la función AP4_DataBuffer::ReallocateBuffer(). • https://github.com/axiomatic-systems/Bento4/issues/872 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38666
https://notcve.org/view.php?id=CVE-2023-38666
22 Aug 2023 — Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4encrypt. Se ha descubierto que Bento4 v1.6.0-639 contiene una violación de segmentación a través de la función "AP4_Processor::ProcessFragments" en "mp4encrypt". • https://github.com/axiomatic-systems/Bento4/issues/784 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-29575
https://notcve.org/view.php?id=CVE-2023-29575
21 Apr 2023 — Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component. • https://github.com/axiomatic-systems/Bento4/issues/842 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-29573
https://notcve.org/view.php?id=CVE-2023-29573
13 Apr 2023 — Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component. • https://github.com/axiomatic-systems/Bento4/issues/840 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-29574
https://notcve.org/view.php?id=CVE-2023-29574
12 Apr 2023 — Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42avc component. • https://github.com/axiomatic-systems/Bento4/issues/841 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-29576
https://notcve.org/view.php?id=CVE-2023-29576
11 Apr 2023 — Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h. • https://github.com/axiomatic-systems/Bento4/issues/844 • CWE-125: Out-of-bounds Read •