Vulnerabilities > Axiosys > Bento4 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-13 | CVE-2020-19721 | Out-of-bounds Write vulnerability in Axiosys Bento4 1.5.1628 A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of Bento 1.5.1-628 may lead to an out-of-bounds write while running mp42aac, leading to system crashes and a denial of service (DOS). | 6.5 |
| 2021-07-13 | CVE-2020-19722 | Classic Buffer Overflow vulnerability in Axiosys Bento4 1.5.1628 An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a direct copy to NULL pointer dereference, leading to a denial of service (DOS). | 6.5 |
| 2021-04-21 | CVE-2020-23912 | NULL Pointer Dereference vulnerability in Axiosys Bento4 An issue was discovered in Bento4 through v1.6.0-637. | 5.5 |
| 2019-12-30 | CVE-2019-20092 | NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1.0 An issue was discovered in Bento4 1.5.1.0. | 5.5 |
| 2019-12-30 | CVE-2019-20091 | NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1.0 An issue was discovered in Bento4 1.5.1.0. | 5.5 |
| 2019-10-10 | CVE-2019-17454 | NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1.0 Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info. | 6.5 |
| 2019-10-10 | CVE-2019-17453 | NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1.0 Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact. | 6.5 |
| 2019-10-10 | CVE-2019-17452 | NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1.0 Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump. | 6.5 |
| 2019-09-16 | CVE-2019-16349 | NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1628 Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class. | 5.5 |
| 2019-07-18 | CVE-2019-13959 | NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1627 In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. | 6.5 |