Shodan
Vulnerabilities
Vulnerable Software
Axiosys:  Security Vulnerabilities
CVE-2022-3662
A vulnerability was found in Axiomatic Bento4. It has been declared as critical. This vulnerability affects the function GetOffset of the file Ap4Sample.h of the component mp42hls. The manipulation leads to use after free. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-212002 is the identifier assigned to this vulnerability.
CVSS Score
7.3
EPSS Score
0.004
Published
2022-10-26
CVE-2022-40884
Bento4 1.6.0 has memory leaks via the mp4fragment.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-10-19
CVE-2022-40885
Bento4 v1.6.0-639 has a memory allocation issue that can cause denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-10-19
CVE-2022-43037
An issue was discovered in Bento4 1.6.0-639. There is a memory leak in the function AP4_File::ParseStream in /Core/Ap4File.cpp.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-10-19
CVE-2022-43038
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadCache() function in mp42ts.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-10-19
CVE-2022-43032
An issue was discovered in Bento4 v1.6.0-639. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42aac.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-10-19
CVE-2022-43033
An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-10-19
CVE-2022-43034
An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer overflow vulnerability in the AP4_BitReader::SkipBits(unsigned int) function in mp42ts.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-10-19
CVE-2022-43035
An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-10-19
CVE-2022-41429
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag.
CVSS Score
8.8
EPSS Score
0.004
Published
2022-10-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved