CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5595 – Denial of Service in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-5595
16 Oct 2023 — Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV. Denegación de Servicio en el repositorio de GitHub gpac/gpac anterior a la versión 2.3.0-DEV. • https://github.com/gpac/gpac/commit/7a6f636db3360bb16d18078d51e8c596f31302a1 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5586 – NULL Pointer Dereference in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-5586
15 Oct 2023 — NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV. Eliminación de referencia del puntero NULL en el repositorio de GitHub gpac/gpac anterior a 2.3.0-DEV. • https://github.com/gpac/gpac/commit/ca1b48f0abe71bf81a58995d7d75dc27f5a17ddc • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39562
https://notcve.org/view.php?id=CVE-2023-39562
28 Aug 2023 — GPAC v2.3-DEV-rev449-g5948e4f70-master was discovered to contain a heap-use-after-free via the gf_bs_align function at bitstream.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted file. • https://github.com/ChanStormstout/Pocs/blob/master/gpac_POC/id%3A000000%2Csig%3A06%2Csrc%3A003771%2Ctime%3A328254%2Cexecs%3A120473%2Cop%3Ahavoc%2Crep%3A8 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37174
https://notcve.org/view.php?id=CVE-2023-37174
11 Jul 2023 — GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dump_isom_scene function at /mp4box/filedump.c. • https://github.com/gpac/gpac/issues/2505 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37767
https://notcve.org/view.php?id=CVE-2023-37767
11 Jul 2023 — GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib/libgpac.so. • https://github.com/gpac/gpac/issues/2514 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37765
https://notcve.org/view.php?id=CVE-2023-37765
11 Jul 2023 — GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at /lib/libgpac.so. • https://github.com/gpac/gpac/issues/2515 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37766
https://notcve.org/view.php?id=CVE-2023-37766
11 Jul 2023 — GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_isom_remove_user_data function at /lib/libgpac.so. • https://github.com/gpac/gpac/issues/2516 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1655 – Heap-based Buffer Overflow in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-1655
27 Mar 2023 — Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0. • https://github.com/gpac/gpac/commit/e7f96c2d3774e4ea25f952bcdf55af1dd6e919f4 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-1452 – GPAC load_text.c buffer overflow
https://notcve.org/view.php?id=CVE-2023-1452
17 Mar 2023 — A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/load_text.c. The manipulation leads to buffer overflow. Local access is required to approach this attack. • https://github.com/gpac/gpac/issues/2386 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-1449 – GPAC av_parsers.c gf_av1_reset_state double free
https://notcve.org/view.php?id=CVE-2023-1449
17 Mar 2023 — A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of the file media_tools/av_parsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. • https://github.com/gpac/gpac/issues/2387 • CWE-415: Double Free •