CVE-2025-60467
- EPSS 0.51%
- Veröffentlicht 24.06.2026 23:16:39
- Zuletzt bearbeitet 29.06.2026 23:20:05
A use-after-free in the gf_filter_pid_inst_swap_delete_task function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.
CVE-2025-60468
- EPSS 0.13%
- Veröffentlicht 24.06.2026 22:16:44
- Zuletzt bearbeitet 26.06.2026 19:56:49
GPAC Multimedia Open Source Project GPAC Project/MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affected by: Buffer Overflow. The impact is: cause a denial of service (local). The component is: filter_core/filter_pid.c (L:574-580): function gf_filter_pi...
CVE-2025-60471
- EPSS 0.14%
- Veröffentlicht 24.06.2026 19:17:07
- Zuletzt bearbeitet 29.06.2026 23:14:24
A use-after-free in the gf_filter_pid_reconfigure_task_discard function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.
- EPSS 0.12%
- Veröffentlicht 24.06.2026 00:00:00
- Zuletzt bearbeitet 29.06.2026 23:29:43
A use-after-free in the gf_filter_pid_get_packet function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.
CVE-2025-60473
- EPSS 0.14%
- Veröffentlicht 24.06.2026 00:00:00
- Zuletzt bearbeitet 29.06.2026 23:37:15
A NULL pointer dereference in the gf_filter_in_parent_chain function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted file.
CVE-2025-55639
- EPSS 0.35%
- Veröffentlicht 23.06.2026 00:00:00
- Zuletzt bearbeitet 30.06.2026 17:18:18
GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gf_isom_add_track_kind() function at isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
CVE-2025-55641
- EPSS 0.19%
- Veröffentlicht 15.06.2026 00:00:00
- Zuletzt bearbeitet 16.06.2026 17:28:32
A NULL pointer dereference in the gf_isom_copy_sample_info function (isomedia/isom_write.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-55642
- EPSS 0.36%
- Veröffentlicht 15.06.2026 00:00:00
- Zuletzt bearbeitet 16.06.2026 17:34:04
GPAC MP4Box v2.4 was discovered to contain a floating point exception in the avidmx_process function (isomedia/isom_write.c).
CVE-2025-55643
- EPSS 0.19%
- Veröffentlicht 15.06.2026 00:00:00
- Zuletzt bearbeitet 16.06.2026 17:37:22
A NULL pointer dereference in the TrackWriter handling component (filters/mux_isom.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-55644
- EPSS 0.19%
- Veröffentlicht 15.06.2026 00:00:00
- Zuletzt bearbeitet 16.06.2026 17:37:38
A heap use-after-free in the gf_node_get_tag function (scenegraph/base_scenegraph.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.