Vulnerabilities > Axiosys
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-10 | CVE-2018-13847 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axiosys Bento4 1.5.1624 An issue has been found in Bento4 1.5.1-624. | 7.5 |
| 2018-07-10 | CVE-2018-13846 | Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1624 An issue has been found in Bento4 1.5.1-624. | 9.8 |
| 2018-01-05 | CVE-2018-5253 | Infinite Loop vulnerability in Axiosys Bento4 1.5.1.0 The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling. | 7.8 |
| 2017-09-21 | CVE-2017-14646 | Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.0617 The AP4_AvccAtom and AP4_HvccAtom classes in Bento4 version 1.5.0-617 do not properly validate data sizes, leading to a heap-based buffer over-read and application crash in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp. | 7.5 |
| 2017-09-11 | CVE-2017-14260 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axiosys Bento4 1.5.0616 In the SDK in Bento4 1.5.0-616, the AP4_StssAtom class in Ap4StssAtom.cpp contains a Write Memory Access Violation vulnerability. | 7.8 |
| 2017-09-06 | CVE-2017-12475 | NULL Pointer Dereference vulnerability in Axiosys Bento4 The AP4_Processor::Process function in Core/Ap4Processor.cpp in Bento4 mp4encrypt before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file. | 5.5 |