CVE-2022-4584 – Axiomatic Bento4 mp42aac heap-based overflow
https://notcve.org/view.php?id=CVE-2022-4584
A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. • https://github.com/axiomatic-systems/Bento4/files/10095915/POC2.tar.gz https://github.com/axiomatic-systems/Bento4/issues/818 https://vuldb.com/?ctiid.216170 https://vuldb.com/?id.216170 • CWE-122: Heap-based Buffer Overflow •
CVE-2022-3809 – Axiomatic Bento4 mp4tag Mp4Tag.cpp ParseCommandLine denial of service
https://notcve.org/view.php?id=CVE-2022-3809
A vulnerability was found in Axiomatic Bento4 and classified as problematic. Affected by this issue is the function ParseCommandLine of the file Mp4Tag/Mp4Tag.cpp of the component mp4tag. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip https://github.com/axiomatic-systems/Bento4/issues/779 https://vuldb.com/?id.212666 • CWE-404: Improper Resource Shutdown or Release •
CVE-2022-3810 – Axiomatic Bento4 mp42hevc Mp42Hevc.cpp AP4_File denial of service
https://notcve.org/view.php?id=CVE-2022-3810
A vulnerability was found in Axiomatic Bento4. It has been classified as problematic. This affects the function AP4_File::AP4_File of the file Mp42Hevc.cpp of the component mp42hevc. The manipulation leads to denial of service. It is possible to initiate the attack remotely. • https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip https://github.com/axiomatic-systems/Bento4/issues/779 https://vuldb.com/?id.212667 • CWE-404: Improper Resource Shutdown or Release •
CVE-2022-41841
https://notcve.org/view.php?id=CVE-2022-41841
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_File::ParseStream in Core/Ap4File.cpp, which is called from AP4_File::AP4_File. • https://github.com/axiomatic-systems/Bento4/issues/779 • CWE-476: NULL Pointer Dereference •
CVE-2022-40774
https://notcve.org/view.php?id=CVE-2022-40774
An issue was discovered in Bento4 through 1.6.0-639. There is a NULL pointer dereference in AP4_StszAtom::GetSampleSize. • https://github.com/axiomatic-systems/Bento4/issues/757 • CWE-476: NULL Pointer Dereference •