Vulnerabilities > Axiosys > Bento4 > 1.5.0.617

DATE CVE VULNERABILITY TITLE RISK
2021-08-17 CVE-2020-23333 Out-of-bounds Write vulnerability in Axiosys Bento4
A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4Utils.h of Bento4 version 06c39d9.
network
low complexity
axiosys CWE-787
7.5
2021-08-17 CVE-2020-23334 Out-of-bounds Write vulnerability in Axiosys Bento4
A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a segmentation fault.
network
low complexity
axiosys CWE-787
7.5
2021-08-05 CVE-2021-35306 NULL Pointer Dereference vulnerability in Axiosys Bento4
An issue was discovered in Bento4 through v1.6.0-636.
network
low complexity
axiosys CWE-476
6.5
2021-08-05 CVE-2021-35307 NULL Pointer Dereference vulnerability in Axiosys Bento4
An issue was discovered in Bento4 through v1.6.0-636.
network
low complexity
axiosys CWE-476
6.5
2021-04-21 CVE-2020-23912 NULL Pointer Dereference vulnerability in Axiosys Bento4
An issue was discovered in Bento4 through v1.6.0-637.
local
low complexity
axiosys CWE-476
5.5
2017-09-21 CVE-2017-14646 Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.0617
The AP4_AvccAtom and AP4_HvccAtom classes in Bento4 version 1.5.0-617 do not properly validate data sizes, leading to a heap-based buffer over-read and application crash in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp.
network
low complexity
axiosys CWE-125
7.5