CVE-2025-60465
- EPSS 0.14%
- Veröffentlicht 25.06.2026 00:00:00
- Zuletzt bearbeitet 30.06.2026 19:03:42
A use-after-free in the gf_filter_pid_inst_swap function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.
CVE-2025-60464
- EPSS 0.14%
- Veröffentlicht 25.06.2026 00:00:00
- Zuletzt bearbeitet 30.06.2026 19:03:47
A use-after-free in the gf_sei_load_from_state_internal function (/filters/sei_load.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG-2 TS file.
CVE-2025-60474
- EPSS 0.58%
- Veröffentlicht 24.06.2026 23:16:40
- Zuletzt bearbeitet 29.06.2026 23:26:36
A buffer overflow in the gf_media_import function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input.
CVE-2025-60467
- EPSS 0.51%
- Veröffentlicht 24.06.2026 23:16:39
- Zuletzt bearbeitet 29.06.2026 23:20:05
A use-after-free in the gf_filter_pid_inst_swap_delete_task function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.
CVE-2025-60471
- EPSS 0.14%
- Veröffentlicht 24.06.2026 19:17:07
- Zuletzt bearbeitet 29.06.2026 23:14:24
A use-after-free in the gf_filter_pid_reconfigure_task_discard function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.
CVE-2025-60473
- EPSS 0.14%
- Veröffentlicht 24.06.2026 00:00:00
- Zuletzt bearbeitet 29.06.2026 23:37:15
A NULL pointer dereference in the gf_filter_in_parent_chain function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted file.
- EPSS 0.12%
- Veröffentlicht 24.06.2026 00:00:00
- Zuletzt bearbeitet 29.06.2026 23:29:43
A use-after-free in the gf_filter_pid_get_packet function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.
CVE-2025-55639
- EPSS 0.35%
- Veröffentlicht 23.06.2026 00:00:00
- Zuletzt bearbeitet 30.06.2026 17:18:18
GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gf_isom_add_track_kind() function at isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
CVE-2025-55643
- EPSS 0.19%
- Veröffentlicht 15.06.2026 00:00:00
- Zuletzt bearbeitet 16.06.2026 17:37:22
A NULL pointer dereference in the TrackWriter handling component (filters/mux_isom.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-55642
- EPSS 0.36%
- Veröffentlicht 15.06.2026 00:00:00
- Zuletzt bearbeitet 16.06.2026 17:34:04
GPAC MP4Box v2.4 was discovered to contain a floating point exception in the avidmx_process function (isomedia/isom_write.c).