Vulnerabilities > Axiosys > Bento4 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-23 | CVE-2018-14545 | Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1624 There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. | 5.5 |
| 2018-07-23 | CVE-2018-14544 | Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1624 There exists one invalid memory read bug in AP4_SampleDescription::GetFormat() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. | 5.5 |
| 2018-07-23 | CVE-2018-14543 | NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1624 There exists one NULL pointer dereference vulnerability in AP4_JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. | 5.5 |
| 2018-07-20 | CVE-2018-14445 | Infinite Loop vulnerability in Axiosys Bento4 1.5.1624 In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file. | 6.5 |
| 2017-09-06 | CVE-2017-12475 | NULL Pointer Dereference vulnerability in Axiosys Bento4 The AP4_Processor::Process function in Core/Ap4Processor.cpp in Bento4 mp4encrypt before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file. | 5.5 |