Axiosys

axiosys

156 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Bento4

bento4

156 CVEs

CVEs (156)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-8537 1Axiosys 1Bento4 Apr 29, 2026 Aug 5, 2025 2.9 LOW· v4 5.9 MEDIUM· v3 2.6 LOW· v2 A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of the component mp4decrypt. The manipu...Show more A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of the component mp4decrypt. The manipulation leads to allocation of resources. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-25947 1Axiosys 1Bento4 May 13, 2025 Feb 19, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4_AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file.
CVE-2025-25946 1Axiosys 1Bento4 Jun 9, 2025 Feb 19, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specifically in AP4_MarlinIpmpEncryptingProcessor::Initialize and AP4_Processor::Process, during the executi...Show more An issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specifically in AP4_MarlinIpmpEncryptingProcessor::Initialize and AP4_Processor::Process, during the execution of mp4encrypt with a specially crafted MP4 input file.Show less
CVE-2025-25945 1Axiosys 1Bento4 May 13, 2025 Feb 19, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the Mp4Fragment.cpp and in AP4_DescriptorFactory::CreateDescriptorFromStream at Ap4DescriptorFactory.cpp.
CVE-2025-25944 1Axiosys 1Bento4 May 13, 2025 Feb 19, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4_RtpAtom::AP4_RtpAtom, during the execution of mp4fragment with a crafted M...Show more Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4_RtpAtom::AP4_RtpAtom, during the execution of mp4fragment with a crafted MP4 input file.Show less
CVE-2025-25943 1Axiosys 1Bento4 May 13, 2025 Feb 19, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2Atom::AP4_Stz2Atom component located in Ap4Stz2Atom.cpp.
CVE-2025-25942 1Axiosys 1Bento4 May 13, 2025 Feb 19, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid files. Specifically, memory allocated in SampleArray::SampleArray in Mp4Fragment.cpp i...Show more An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid files. Specifically, memory allocated in SampleArray::SampleArray in Mp4Fragment.cpp is not properly released.Show less
CVE-2024-57598 1Axiosys 1Bento4 May 15, 2025 Feb 5, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in function AP4_TfraAtom() of Ap4TfraAtom.cpp which allows a remote attacker to cause a denial of service vulnerability.
CVE-2025-0870 1Axiosys 1Bento4 Feb 28, 2025 Jan 30, 2025 6.3 MEDIUM· v4 5.9 MEDIUM· v3 5.1 MEDIUM· v2 A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-...Show more A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.Show less
CVE-2025-0753 1Axiosys 1Bento4 Feb 28, 2025 Jan 27, 2025 6.9 MEDIUM· v4 6.5 MEDIUM· v3 7.5 HIGH· v2 A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based...Show more A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-0751 1Axiosys 1Bento4 Feb 28, 2025 Jan 27, 2025 6.9 MEDIUM· v4 6.5 MEDIUM· v3 7.5 HIGH· v2 A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of the component mp42aac. The manipulation leads to heap-based buffer overflow. It...Show more A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-30809 1Axiosys 1Bento4 May 27, 2025 Apr 2, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in Ap4Sample.h in AP4_Sample::GetOffset() const, leading to a Denial of Service (DoS), as demonstrated by mp42ts.
CVE-2024-30808 1Axiosys 1Bento4 May 27, 2025 Apr 2, 2024 N/A· v4 2.7 LOW· v3 N/A· v2 An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in AP4_SubStream::~AP4_SubStream at Ap4ByteStream.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42ts.
CVE-2024-30807 1Axiosys 1Bento4 May 27, 2025 Apr 2, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in AP4_UnknownAtom::~AP4_UnknownAtom at Ap4Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42ts.
CVE-2024-30806 1Axiosys 1Bento4 May 27, 2025 Apr 2, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac.
CVE-2024-31005 1Axiosys 1Bento4 May 7, 2025 Apr 2, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4MdhdAtom.cpp,AP4_MdhdAtom::AP4_MdhdAtom,mp4fragment
CVE-2024-31004 1Axiosys 1Bento4 Mar 27, 2025 Apr 2, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4StsdAtom.cpp,AP4_StsdAtom::AP4_StsdAtom,mp4fragment.
CVE-2024-31003 1Axiosys 1Bento4 May 7, 2025 Apr 2, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial at Ap4ByteStream.cpp.
CVE-2024-31002 1Axiosys 1Bento4 May 7, 2025 Apr 2, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4 BitReader::ReadCache() at Ap4Utils.cpp component.
CVE-2024-24155 1Axiosys 1Bento4 Jan 16, 2025 Feb 29, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly delete when we got an no audio track found error. This vulnerability allows atta...Show more Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly delete when we got an no audio track found error. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mp4 file.Show less

12 3 4 5...8 Next