Axiosys

Bento4

156 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2025-8537

Exploit
  • EPSS 0.3%
  • Veröffentlicht 05.08.2025 00:32:06
  • Zuletzt bearbeitet 12.09.2025 15:56:04

A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of the component mp4decrypt. The manipulation leads to allocation of ...

6.5

CVE-2025-25942

Exploit
  • EPSS 0.11%
  • Veröffentlicht 19.02.2025 23:15:15
  • Zuletzt bearbeitet 13.05.2025 14:02:13

An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid files. Specifically, memory allocated in SampleArray::SampleArray in Mp4Fragment.cpp is not properly released.

7.8

CVE-2025-25943

Exploit
  • EPSS 0.12%
  • Veröffentlicht 19.02.2025 23:15:15
  • Zuletzt bearbeitet 13.05.2025 14:02:15

Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2Atom::AP4_Stz2Atom component located in Ap4Stz2Atom.cpp.

7.3

CVE-2025-25944

Exploit
  • EPSS 0.09%
  • Veröffentlicht 19.02.2025 23:15:15
  • Zuletzt bearbeitet 13.05.2025 14:02:17

Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4_RtpAtom::AP4_RtpAtom, during the execution of mp4fragment with a crafted MP4 input file.

6.5

CVE-2025-25945

Exploit
  • EPSS 0.11%
  • Veröffentlicht 19.02.2025 23:15:15
  • Zuletzt bearbeitet 13.05.2025 14:02:19

An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the Mp4Fragment.cpp and in AP4_DescriptorFactory::CreateDescriptorFromStream at Ap4DescriptorFactory.cpp.

5.5

CVE-2025-25946

Exploit
  • EPSS 0.03%
  • Veröffentlicht 19.02.2025 23:15:15
  • Zuletzt bearbeitet 09.06.2025 16:49:57

An issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specifically in AP4_MarlinIpmpEncryptingProcessor::Initialize and AP4_Processor::Process, during the execution of mp4encrypt with a specia...

5.5

CVE-2025-25947

Exploit
  • EPSS 0.03%
  • Veröffentlicht 19.02.2025 23:15:15
  • Zuletzt bearbeitet 13.05.2025 14:02:23

An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4_AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file.

6.5

CVE-2024-57598

Exploit
  • EPSS 0.23%
  • Veröffentlicht 05.02.2025 22:15:33
  • Zuletzt bearbeitet 15.05.2025 21:15:27

A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in function AP4_TfraAtom() of Ap4TfraAtom.cpp which allows a remote attacker to cause a denial of service vulnerability.

5.9

CVE-2025-0870

Exploit
  • EPSS 0.21%
  • Veröffentlicht 30.01.2025 13:15:10
  • Zuletzt bearbeitet 28.02.2025 22:16:37

A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The att...

6.5

CVE-2025-0753

Exploit
  • EPSS 0.13%
  • Veröffentlicht 27.01.2025 21:15:13
  • Zuletzt bearbeitet 28.02.2025 22:16:37

A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack c...