Search CVE reports


Toggle filters

41 – 50 of 430 results


CVE-2025-60483

Medium priority
Needs evaluation

A NULL pointer dereference in the gf_ac4_pres_b_4_back_channels_present function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted AC4 file.

1 affected package

gpac

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gpac Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2025-60481

Medium priority
Needs evaluation

A NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function (/odf/descriptors.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted AC4 file.

1 affected package

gpac

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gpac Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2025-55664

Medium priority
Needs evaluation

A heap buffer overflow in the m2tsdmx_send_packet function (filters/dmx_m2ts.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.

1 affected package

gpac

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gpac Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2025-70116

Medium priority
Needs evaluation

A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing descriptor fields (e.g., codec/mime/profile strings). gf_media_map_esd then calls strlen() on...

1 affected package

gpac

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gpac Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-9572

Medium priority
Needs evaluation

A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function Media_GetSample of the file src/isomedia/media.c of the component MP4Box. Such manipulation of the argument cat leads to memory...

1 affected package

gpac

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gpac Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-9567

Medium priority
Needs evaluation

A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isom_intern.c of the component MP4Box. The manipulation results in null pointer dereference. The attack needs...

1 affected package

gpac

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gpac Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-8124

Medium priority
Needs evaluation

A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidx_box_read of the file src/isomedia/box_code_base.c. The manipulation leads to allocation of resources. The attack must be carried out...

1 affected package

gpac

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gpac Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-39103

Medium priority
Needs evaluation

Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svg_attributes.c, svg_parse_strings(), gf_svg_parse_attribute()

1 affected package

gpac

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gpac Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-7135

Medium priority
Needs evaluation

A security flaw has been discovered in GPAC up to 26.03-DEV-rev105-g8f39a1eb3-master. Affected by this vulnerability is the function elng_box_read of the file src/isomedia/box_code_base.c of the component MP4Box. Performing a...

1 affected package

gpac

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gpac Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-33144

Medium priority
Needs evaluation

GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow (write) vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gf_xml_parse_bit_sequence_bs function in...

1 affected package

gpac

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gpac Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages