Vulnerabilities > Axiosys > Bento4 > 1.4.3.599

DATE CVE VULNERABILITY TITLE RISK
2021-08-17 CVE-2020-23333 Out-of-bounds Write vulnerability in Axiosys Bento4
A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4Utils.h of Bento4 version 06c39d9.
network
low complexity
axiosys CWE-787
7.5
2021-08-17 CVE-2020-23334 Out-of-bounds Write vulnerability in Axiosys Bento4
A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a segmentation fault.
network
low complexity
axiosys CWE-787
7.5
2021-08-05 CVE-2021-35306 NULL Pointer Dereference vulnerability in Axiosys Bento4
An issue was discovered in Bento4 through v1.6.0-636.
network
low complexity
axiosys CWE-476
6.5
2021-08-05 CVE-2021-35307 NULL Pointer Dereference vulnerability in Axiosys Bento4
An issue was discovered in Bento4 through v1.6.0-636.
network
low complexity
axiosys CWE-476
6.5
2021-04-21 CVE-2020-23912 NULL Pointer Dereference vulnerability in Axiosys Bento4
An issue was discovered in Bento4 through v1.6.0-637.
local
low complexity
axiosys CWE-476
5.5
2017-09-06 CVE-2017-12475 NULL Pointer Dereference vulnerability in Axiosys Bento4
The AP4_Processor::Process function in Core/Ap4Processor.cpp in Bento4 mp4encrypt before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file.
local
low complexity
axiosys CWE-476
5.5