Vulnerabilities > Axiosys

DATE CVE VULNERABILITY TITLE RISK
2022-06-28 CVE-2021-40943 NULL Pointer Dereference vulnerability in Axiosys Bento4 1.6.0638
In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC.
local
low complexity
axiosys CWE-476
5.5
2022-06-27 CVE-2021-40941 Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.6.0638
In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC.
network
low complexity
axiosys CWE-770
7.5
2022-06-10 CVE-2022-31282 Unspecified vulnerability in Axiosys Bento4 1.2
Bento4 MP4Dump v1.2 was discovered to contain a segmentation violation via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175.
local
low complexity
axiosys
5.5
2022-06-10 CVE-2022-31285 Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.2
An issue was discovered in Bento4 1.2.
local
low complexity
axiosys CWE-770
5.5
2022-06-10 CVE-2022-31287 Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.2
An issue was discovered in Bento4 v1.2.
local
low complexity
axiosys CWE-770
5.5
2022-05-16 CVE-2022-29017 Improper Handling of Exceptional Conditions vulnerability in Axiosys Bento4 1.6.0.0
Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S.
local
low complexity
axiosys CWE-755
5.5
2022-03-21 CVE-2022-27607 Out-of-bounds Read vulnerability in Axiosys Bento4 1.6.0639
Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531.
network
low complexity
axiosys CWE-125
8.1
2021-09-20 CVE-2021-32265 Classic Buffer Overflow vulnerability in Axiosys Bento4
An issue was discovered in Bento4 through v1.6.0-637.
network
low complexity
axiosys CWE-120
8.8
2021-08-25 CVE-2018-10790 Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.5.1.0
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac.
network
low complexity
axiosys CWE-770
7.5
2021-08-17 CVE-2020-23330 NULL Pointer Dereference vulnerability in Axiosys Bento4
An issue was discovered in Bento4 version 06c39d9.
network
low complexity
axiosys CWE-476
7.5