
CVE-2023-0760 – Heap-based Buffer Overflow in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-0760
09 Feb 2023 — Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV. Multiple security issues were discovered in the GPAC multimedia framework which could result in denial of service or the execution of arbitrary code. • https://github.com/gpac/gpac/commit/ea7395f39f601a7750d48d606e9d10ea0b7beefe • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVE-2023-0770 – Stack-based Buffer Overflow in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-0770
09 Feb 2023 — Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2. Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code. • https://github.com/gpac/gpac/commit/c31941822ee275a35bc148382bafef1c53ec1c26 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVE-2023-23144 – Debian Security Advisory 5411-1
https://notcve.org/view.php?id=CVE-2023-23144
20 Jan 2023 — Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master. Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code. • https://github.com/gpac/gpac/commit/3a2458a49b3e6399709d456d7b35e7a6f50cfb86 • CWE-190: Integer Overflow or Wraparound •

CVE-2023-23145 – Debian Security Advisory 5411-1
https://notcve.org/view.php?id=CVE-2023-23145
20 Jan 2023 — GPAC version 2.2-rev0-gab012bbfb-master was discovered to contain a memory leak in lsr_read_rare_full function. Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code. • https://github.com/gpac/gpac/commit/4ade98128cbc41d5115b97a41ca2e59529c8dd5f • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2023-0358 – Use After Free in gpac/gpac
https://notcve.org/view.php?id=CVE-2023-0358
18 Jan 2023 — Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV. • https://github.com/gpac/gpac/commit/9971fb125cf91cefd081a080c417b90bbe4a467b • CWE-416: Use After Free •

CVE-2022-46489 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2022-46489
05 Jan 2023 — GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_isom_box_parse_ex function at box_funcs.c. Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.2.0 are affected. • https://github.com/gpac/gpac/issues/2328 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2022-46490 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2022-46490
05 Jan 2023 — GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c. Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.2.0 are affected. • https://github.com/gpac/gpac/issues/2327 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2022-47086 – Debian Security Advisory 5411-1
https://notcve.org/view.php?id=CVE-2022-47086
05 Jan 2023 — GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gf_sm_load_init_swf at scene_manager/swf_parse.c. Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.2.0 are affected. • https://github.com/gpac/gpac/issues/2337 • CWE-787: Out-of-bounds Write •

CVE-2022-47087 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2022-47087
05 Jan 2023 — GPAC MP4box 2.1-DEV-rev574-g9d5bb184b has a buffer overflow in the gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c. Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.2.0 are affected. • https://github.com/gpac/gpac/issues/2339 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2022-47088 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2022-47088
05 Jan 2023 — GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow. Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.2.0 are affected. • https://github.com/gpac/gpac/issues/2340 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •