CVE-2025-55641
- EPSS 0.19%
- Veröffentlicht 15.06.2026 00:00:00
- Zuletzt bearbeitet 16.06.2026 17:28:32
A NULL pointer dereference in the gf_isom_copy_sample_info function (isomedia/isom_write.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-55659
- EPSS 0.35%
- Veröffentlicht 09.06.2026 00:00:00
- Zuletzt bearbeitet 14.06.2026 00:16:19
A NULL pointer dereference in the ctts_box_write function (isomedia/box_code_base.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-55658
- EPSS 0.3%
- Veröffentlicht 09.06.2026 00:00:00
- Zuletzt bearbeitet 12.06.2026 16:46:17
GPAC MP4Box v2.4 was discovered to contain a floating point exception in the gf_opus_parse_packet_header function (media_tools/av_parsers.c). bThis vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
CVE-2025-55657
- EPSS 0.47%
- Veröffentlicht 09.06.2026 00:00:00
- Zuletzt bearbeitet 14.06.2026 00:16:19
A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-55651
- EPSS 0.19%
- Veröffentlicht 09.06.2026 00:00:00
- Zuletzt bearbeitet 14.06.2026 00:16:19
A NULL pointer dereference in the gf_isom_get_user_data_count function (isomedia/isom_read.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2025-52293
- EPSS 0.47%
- Veröffentlicht 09.06.2026 00:00:00
- Zuletzt bearbeitet 14.06.2026 00:16:19
A segmentation violaton in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying crafted HEVC SPS data.
CVE-2025-52292
- EPSS 0.5%
- Veröffentlicht 09.06.2026 00:00:00
- Zuletzt bearbeitet 14.06.2026 00:16:18
A stack buffer overflow in the filein_process function (in_file.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
- EPSS 0.11%
- Veröffentlicht 03.06.2026 14:16:31
- Zuletzt bearbeitet 04.06.2026 16:18:41
A NULL pointer dereference in the gf_filter_pid_resolve_file_template_ex function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted file.
CVE-2025-60486
- EPSS 0.13%
- Veröffentlicht 01.06.2026 00:00:00
- Zuletzt bearbeitet 02.06.2026 00:16:32
A heap use-after-free in the dasher_process function (/filters/dasher.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG-2 file.
CVE-2025-55664
- EPSS 0.16%
- Veröffentlicht 01.06.2026 00:00:00
- Zuletzt bearbeitet 02.06.2026 00:16:32
A heap buffer overflow in the m2tsdmx_send_packet function (filters/dmx_m2ts.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.