Vulnerabilities > Axiosys > High

DATE CVE VULNERABILITY TITLE RISK
2022-10-03 CVE-2022-41428 Out-of-bounds Write vulnerability in Axiosys Bento4 1.6.0639
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBits function in mp4mux.
network
low complexity
axiosys CWE-787
8.8
8.8
2022-10-03 CVE-2022-41429 Out-of-bounds Write vulnerability in Axiosys Bento4 1.6.0639
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag.
network
low complexity
axiosys CWE-787
8.8
8.8
2022-10-03 CVE-2022-41430 Out-of-bounds Write vulnerability in Axiosys Bento4 1.6.0639
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux.
network
low complexity
axiosys CWE-787
8.8
8.8
2022-06-27 CVE-2021-40941 Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.6.0638
In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC.
network
low complexity
axiosys CWE-770
7.5
7.5
2022-03-21 CVE-2022-27607 Out-of-bounds Read vulnerability in Axiosys Bento4 1.6.0639
Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531.
network
low complexity
axiosys CWE-125
8.1
8.1
2021-09-20 CVE-2021-32265 Classic Buffer Overflow vulnerability in Axiosys Bento4
An issue was discovered in Bento4 through v1.6.0-637.
network
low complexity
axiosys CWE-120
8.8
8.8
2021-08-25 CVE-2018-10790 Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.5.1.0
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac.
network
low complexity
axiosys CWE-770
7.5
7.5
2021-08-17 CVE-2020-23330 NULL Pointer Dereference vulnerability in Axiosys Bento4
An issue was discovered in Bento4 version 06c39d9.
network
low complexity
axiosys CWE-476
7.5
7.5
2021-08-17 CVE-2020-23331 NULL Pointer Dereference vulnerability in Axiosys Bento4
An issue was discovered in Bento4 version 06c39d9.
network
low complexity
axiosys CWE-476
7.5
7.5
2021-08-17 CVE-2020-23332 Out-of-bounds Write vulnerability in Axiosys Bento4
A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in /StdC/Ap4StdCFileByteStream.cpp of Bento4 version 06c39d9.
network
low complexity
axiosys CWE-787
7.5
7.5