Every CVE whose affected-product data names Axiosys Bento4, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (156)
CVE-2018-13846 — CVSS 9.8 (critical): An issue has been found in Bento4 1.5.1-624. AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp has a heap-based buffer…
CVE-2018-14532 — CVSS 9.8 (critical): An issue was discovered in Bento4 1.5.1-624. There is a heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in…
CVE-2018-14531 — CVSS 9.8 (critical): An issue was discovered in Bento4 1.5.1-624. There is an unspecified "heap-buffer-overflow" crash in the AP4_HvccAtom class in…
CVE-2024-31002 — CVSS 9.8 (critical): Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4…
CVE-2024-31004 — CVSS 9.8 (critical): An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4StsdAtom.cpp,AP4_StsdAtom::AP4_StsdAtom,m…
CVE-2019-8378 — CVSS 8.8 (high): An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4_BitStream::ReadBytes() in Codecs/Ap4BitStream.cpp…
CVE-2018-14589 — CVSS 8.8 (high): An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer…
CVE-2021-32265 — CVSS 8.8 (high): An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial()…
CVE-2019-15047 — CVSS 8.8 (high): An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at…
CVE-2022-41428 — CVSS 8.8 (high): Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBits function in mp4mux.
CVE-2024-31003 — CVSS 8.8 (high): Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4_MemoryByteStream::W…
CVE-2018-14586 — CVSS 8.8 (high): An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a…
CVE-2018-14584 — CVSS 8.8 (high): An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read.
CVE-2019-9544 — CVSS 8.8 (high): An issue was discovered in Bento4 1.5.1-628. An out of bounds write occurs in AP4_CttsTableEntry::AP4_CttsTableEntry() located in…
CVE-2019-8382 — CVSS 8.8 (high): An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in the function AP4_List:Find located in Core/Ap4List.h when…
CVE-2019-8380 — CVSS 8.8 (high): An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in AP4_Track::GetSampleIndexForTimeStampMs() located in…
CVE-2019-15050 — CVSS 8.8 (high): An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp.
CVE-2018-14585 — CVSS 8.8 (high): An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call…
CVE-2022-41429 — CVSS 8.8 (high): Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag.
CVE-2022-41430 — CVSS 8.8 (high): Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux.
CVE-2019-15048 — CVSS 8.8 (high): An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp.
CVE-2019-15049 — CVSS 8.8 (high): An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp.
CVE-2018-14587 — CVSS 8.8 (high): An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read.
CVE-2022-27607 — CVSS 8.1 (high): Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531.
CVE-2024-31005 — CVSS 8.1 (high): An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4MdhdAtom.cpp,AP4_MdhdAtom::AP4_MdhdAtom,m…
CVE-2025-25943 — CVSS 7.8 (high): Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2Atom::AP4_Stz2Atom…
CVE-2018-5253 — CVSS 7.8 (high): The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling.
CVE-2017-14260 — CVSS 7.8 (high): In the SDK in Bento4 1.5.0-616, the AP4_StssAtom class in Ap4StssAtom.cpp contains a Write Memory Access Violation vulnerability. It is…
CVE-2019-17529 — CVSS 7.8 (high): An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in…
CVE-2019-17530 — CVSS 7.8 (high): An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when…
CVE-2019-20090 — CVSS 7.8 (high): An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from…
CVE-2020-23330 — CVSS 7.5 (high): An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_Stz2Atom::GetSampleSize component located…
CVE-2017-14646 — CVSS 7.5 (high): The AP4_AvccAtom and AP4_HvccAtom classes in Bento4 version 1.5.0-617 do not properly validate data sizes, leading to a heap-based buffer…
CVE-2019-6132 — CVSS 7.5 (high): An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in…
CVE-2020-23333 — CVSS 7.5 (high): A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4Utils.h of Bento4 version 06c39d9. This…
CVE-2018-14590 — CVSS 7.5 (high): An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
CVE-2018-13847 — CVSS 7.5 (high): An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp.
CVE-2018-13848 — CVSS 7.5 (high): An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp.
CVE-2020-23332 — CVSS 7.5 (high): A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in /StdC/Ap4StdCFileByteStream.cpp of…
CVE-2020-23331 — CVSS 7.5 (high): An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_DescriptorListWriter::Action component…
CVE-2019-17528 — CVSS 7.5 (high): An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4_TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when…
CVE-2019-13238 — CVSS 7.5 (high): An issue was discovered in Bento4 1.5.1.0. A memory allocation failure is unhandled in Core/Ap4SdpAtom.cpp and leads to crashes. When…
CVE-2024-30807 — CVSS 7.5 (high): An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in AP4_UnknownAtom::~AP4_UnknownAtom at…
CVE-2024-30809 — CVSS 7.5 (high): An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in Ap4Sample.h in AP4_Sample::GetOffset() const…
CVE-2021-40941 — CVSS 7.5 (high): In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in…
CVE-2018-10790 — CVSS 7.5 (high): The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service (application crash)…
CVE-2018-14588 — CVSS 7.5 (high): An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp.
CVE-2020-23334 — CVSS 7.5 (high): A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a…
CVE-2022-3664 — CVSS 7.3 (high): A vulnerability classified as critical has been found in Axiomatic Bento4. Affected is the function AP4_BitStream::WriteBytes of the file…
CVE-2022-3662 — CVSS 7.3 (high): A vulnerability was found in Axiomatic Bento4. It has been declared as critical. This vulnerability affects the function GetOffset of the…
CVE-2022-3665 — CVSS 7.3 (high): A vulnerability classified as critical was found in Axiomatic Bento4. Affected by this vulnerability is an unknown functionality of the…
CVE-2025-25944 — CVSS 7.3 (high): Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically…
CVE-2022-3670 — CVSS 7.3 (high): A vulnerability was found in Axiomatic Bento4. It has been classified as critical. Affected is the function WriteSample of the component…
CVE-2022-3667 — CVSS 7.3 (high): A vulnerability, which was classified as critical, was found in Axiomatic Bento4. This affects the function AP4_MemoryByteStream::WriteParti…
CVE-2022-3666 — CVSS 7.3 (high): A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function…
CVE-2022-40738 — CVSS 6.5 (medium): An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_DescriptorListWriter::Action in…
CVE-2022-41419 — CVSS 6.5 (medium): Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_Processor::Process function in the mp4encrypt binary.
CVE-2018-14445 — CVSS 6.5 (medium): In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a…
CVE-2025-25945 — CVSS 6.5 (medium): An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the Mp4Fragment.cpp and in AP4_DescriptorFactory::C…
CVE-2018-20095 — CVSS 6.5 (medium): An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory…
CVE-2018-20186 — CVSS 6.5 (medium): An issue was discovered in Bento4 1.5.1-627. AP4_Sample::ReadData in Core/Ap4Sample.cpp allows attackers to trigger an attempted excessive…
CVE-2018-20407 — CVSS 6.5 (medium): An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in…
CVE-2018-20408 — CVSS 6.5 (medium): An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_StdcFileByteStream::Create in System/StdC/Ap4StdCFileByteStream.c…
CVE-2018-20409 — CVSS 6.5 (medium): An issue was discovered in Bento4 1.5.1-627. There is a heap-based buffer over-read in AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp, as…
CVE-2018-20502 — CVSS 6.5 (medium): An issue was discovered in Bento4 1.5.1-627. There is an attempt at excessive memory allocation in the AP4_DataBuffer class when called…
CVE-2018-20659 — CVSS 6.5 (medium): An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4StcoAtom.cpp has an attempted excessive memory allocation…
CVE-2019-13959 — CVSS 6.5 (medium): In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This…
CVE-2025-25942 — CVSS 6.5 (medium): An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid…
CVE-2019-17452 — CVSS 6.5 (medium): Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to…
CVE-2019-17453 — CVSS 6.5 (medium): Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to…
CVE-2019-17454 — CVSS 6.5 (medium): Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescripti…
CVE-2024-57598 — CVSS 6.5 (medium): A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in function AP4_TfraAtom() of Ap4TfraAtom.cpp…
CVE-2019-6966 — CVSS 6.5 (medium): An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in Core/Ap4ElstAtom.cpp has an attempted excessive memory allocation…
CVE-2019-7697 — CVSS 6.5 (medium): An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4_AtomListWriter::Action in Core/Ap4Atom.cpp, leading to a…
CVE-2019-7698 — CVSS 6.5 (medium): An issue was discovered in AP4_Array<AP4_CttsTableEntry>::EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers…
CVE-2019-7699 — CVSS 6.5 (medium): A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627. Remote attackers could…
CVE-2020-19717 — CVSS 6.5 (medium): An unhandled memory allocation failure in Core/Ap48bdlAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of…
CVE-2020-19718 — CVSS 6.5 (medium): An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of…
CVE-2020-19719 — CVSS 6.5 (medium): A buffer overflow vulnerability in Ap4ElstAtom.cpp of Bento 1.5.1-628 leads to a denial of service (DOS).
CVE-2020-19720 — CVSS 6.5 (medium): An unhandled memory allocation failure in Core/AP4IkmsAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of…
CVE-2020-19721 — CVSS 6.5 (medium): A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of Bento 1.5.1-628 may lead to an out-of-bounds write while running mp42aac…
CVE-2020-19722 — CVSS 6.5 (medium): An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a direct copy to NULL pointer dereference, leading to…
CVE-2020-21066 — CVSS 6.5 (medium): An issue was discovered in Bento4 v1.5.1.0. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a…
CVE-2021-35306 — CVSS 6.5 (medium): An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the function AP4_StszAtom::WriteFields located…
CVE-2021-35307 — CVSS 6.5 (medium): An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located…
CVE-2024-30806 — CVSS 6.5 (medium): An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading…
CVE-2024-25451 — CVSS 6.5 (medium): Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_DataBuffer::ReallocateBuffer() function.
CVE-2024-24155 — CVSS 6.5 (medium): Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly…
CVE-2022-43038 — CVSS 6.5 (medium): Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadCache() function in mp42ts.
CVE-2022-43037 — CVSS 6.5 (medium): An issue was discovered in Bento4 1.6.0-639. There is a memory leak in the function AP4_File::ParseStream in /Core/Ap4File.cpp.
CVE-2022-43035 — CVSS 6.5 (medium): An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to…
CVE-2022-43034 — CVSS 6.5 (medium): An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer overflow vulnerability in the AP4_BitReader::SkipBits(unsigned int)…
CVE-2022-43033 — CVSS 6.5 (medium): An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to…
CVE-2022-43032 — CVSS 6.5 (medium): An issue was discovered in Bento4 v1.6.0-639. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in…
CVE-2022-41427 — CVSS 6.5 (medium): Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4_AvcFrameParser::Feed function in mp4mux.
CVE-2022-41426 — CVSS 6.5 (medium): Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_AtomFactory::CreateAtomFromStream function in mp4split.
CVE-2022-41425 — CVSS 6.5 (medium): Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4decrypt.
CVE-2022-40438 — CVSS 6.5 (medium): Buffer overflow vulnerability in function AP4_MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a…
CVE-2022-40439 — CVSS 6.5 (medium): An memory leak issue was discovered in AP4_StdcFileByteStream::Create in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of…
CVE-2022-40736 — CVSS 6.5 (medium): An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in AP4_CttsAtom::Create in Core/Ap4CttsAtom.cpp.
CVE-2022-40737 — CVSS 6.5 (medium): An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located…
CVE-2022-41424 — CVSS 6.5 (medium): Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_SttsAtom::Create function in mp42hls.
CVE-2022-3974 — CVSS 6.3 (medium): A vulnerability classified as critical was found in Axiomatic Bento4. Affected by this vulnerability is the function AP4_StdcFileByteStream…
CVE-2022-3784 — CVSS 6.3 (medium): A vulnerability classified as critical was found in Axiomatic Bento4 5e7bb34. Affected by this vulnerability is the function…
CVE-2022-3785 — CVSS 6.3 (medium): A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function…
CVE-2022-4584 — CVSS 6.3 (medium): A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. It has been rated as critical. Affected by this issue is some unknown…
CVE-2025-0751 — CVSS 6.3 (medium): A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of…
CVE-2025-0753 — CVSS 6.3 (medium): A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function…
CVE-2025-0870 — CVSS 5.6 (medium): A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function…
CVE-2017-12475 — CVSS 5.5 (medium): The AP4_Processor::Process function in Core/Ap4Processor.cpp in Bento4 mp4encrypt before 1.5.0-616 allows remote attackers to cause a…
CVE-2022-40775 — CVSS 5.5 (medium): An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_StszAtom::WriteFields.
CVE-2022-31282 — CVSS 5.5 (medium): Bento4 MP4Dump v1.2 was discovered to contain a segmentation violation via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175.
CVE-2022-29017 — CVSS 5.5 (medium): Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S.
CVE-2021-40943 — CVSS 5.5 (medium): In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124…
CVE-2020-23912 — CVSS 5.5 (medium): An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize()…
CVE-2019-20092 — CVSS 5.5 (medium): An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from…
CVE-2019-20091 — CVSS 5.5 (medium): An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from…
CVE-2025-25947 — CVSS 5.5 (medium): An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4_AtomParent::RemoveChil…
CVE-2019-16349 — CVSS 5.5 (medium): Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom…
CVE-2018-14545 — CVSS 5.5 (medium): There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow…
CVE-2018-14544 — CVSS 5.5 (medium): There exists one invalid memory read bug in AP4_SampleDescription::GetFormat() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can…
CVE-2018-14543 — CVSS 5.5 (medium): There exists one NULL pointer dereference vulnerability in AP4_JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow…
CVE-2022-40774 — CVSS 5.5 (medium): An issue was discovered in Bento4 through 1.6.0-639. There is a NULL pointer dereference in AP4_StszAtom::GetSampleSize.
CVE-2022-41841 — CVSS 5.5 (medium): An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_File::ParseStream in Core/Ap4File.cpp, which…
CVE-2022-41845 — CVSS 5.5 (medium): An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_Array<AP4_ElstEntry>::EnsureCapacity…
CVE-2022-41846 — CVSS 5.5 (medium): An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in…
CVE-2022-41847 — CVSS 5.5 (medium): An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*…
CVE-2025-25946 — CVSS 5.5 (medium): An issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specifically in…
CVE-2023-29576 — CVSS 5.5 (medium): Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h.
CVE-2023-38666 — CVSS 5.5 (medium): Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4encrypt.
CVE-2022-35165 — CVSS 5.5 (medium): An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input.
CVE-2024-25452 — CVSS 5.5 (medium): Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_UrlAtom::AP4_UrlAtom() function.
CVE-2024-25453 — CVSS 5.5 (medium): Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_StszAtom::GetSampleSize() function.
CVE-2024-25454 — CVSS 5.5 (medium): Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_DescriptorFinder::Test() function.
CVE-2022-31287 — CVSS 5.5 (medium): An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp.
CVE-2022-31285 — CVSS 5.5 (medium): An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h.
CVE-2022-3663 — CVSS 5.3 (medium): A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. This issue affects the function AP4_StsdAtom of the file…
CVE-2022-3669 — CVSS 5.3 (medium): A vulnerability was found in Axiomatic Bento4 and classified as problematic. This issue affects the function AP4_AvccAtom::Create of the…
CVE-2022-3668 — CVSS 5.3 (medium): A vulnerability has been found in Axiomatic Bento4 and classified as problematic. This vulnerability affects the function…
CVE-2022-3813 — CVSS 4.3 (medium): A vulnerability classified as problematic has been found in Axiomatic Bento4. This affects an unknown part of the component mp4edit. The…
CVE-2022-3817 — CVSS 4.3 (medium): A vulnerability has been found in Axiomatic Bento4 and classified as problematic. Affected by this vulnerability is an unknown…
CVE-2022-3812 — CVSS 4.3 (medium): A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. Affected by this issue is the function…
CVE-2022-3810 — CVSS 4.3 (medium): A vulnerability was found in Axiomatic Bento4. It has been classified as problematic. This affects the function AP4_File::AP4_File of the…
CVE-2022-3809 — CVSS 4.3 (medium): A vulnerability was found in Axiomatic Bento4 and classified as problematic. Affected by this issue is the function ParseCommandLine of the…
CVE-2022-3807 — CVSS 4.3 (medium): A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. Affected by this issue is some unknown functionality of…
CVE-2022-3816 — CVSS 4.3 (medium): A vulnerability, which was classified as problematic, was found in Axiomatic Bento4. Affected is an unknown function of the component…
CVE-2022-3815 — CVSS 4.3 (medium): A vulnerability, which was classified as problematic, has been found in Axiomatic Bento4. This issue affects some unknown processing of the…
CVE-2022-3814 — CVSS 4.3 (medium): A vulnerability classified as problematic was found in Axiomatic Bento4. This vulnerability affects unknown code of the component…
CVE-2025-8537 — CVSS 3.7 (low): A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function…
CVE-2024-30808 — CVSS 2.7 (low): An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in AP4_SubStream::~AP4_SubStream at…