Gstreamer
by Gstreamer
Source repositories
CVEs (105)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-0397 | 0.01 | — | 0.07 | Feb 3, 2009 | Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via… | |||
| CVE-2026-3084 | 0.00 | — | 0.00 | Mar 13, 2026 | GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2026-2921 | 0.00 | — | 0.01 | Mar 13, 2026 | GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors… | |||
| CVE-2026-3083 | 0.00 | — | 0.01 | Mar 13, 2026 | GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors… | |||
| CVE-2026-3086 | 0.00 | — | 0.00 | Mar 13, 2026 | GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2026-3085 | 0.00 | — | 0.01 | Mar 13, 2026 | GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2026-3082 | 0.00 | — | 0.01 | Mar 13, 2026 | GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2026-3081 | 0.00 | — | 0.00 | Mar 13, 2026 | GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but… | |||
| CVE-2026-2923 | 0.00 | — | 0.01 | Mar 13, 2026 | GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2026-2922 | 0.00 | — | 0.00 | Mar 13, 2026 | GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2026-2920 | 0.00 | — | 0.01 | Mar 13, 2026 | GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2025-47808 | 0.00 | — | 0.00 | Aug 7, 2025 | In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash. | |||
| CVE-2025-47183 | 0.00 | — | 0.00 | Aug 7, 2025 | In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure. | |||
| CVE-2025-47806 | 0.00 | — | 0.00 | Aug 7, 2025 | In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash. | |||
| CVE-2025-47807 | 0.00 | — | 0.00 | Aug 7, 2025 | In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash. | |||
| CVE-2025-6663 | 0.00 | — | 0.00 | Jul 7, 2025 | GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but… | |||
| CVE-2025-2759 | 0.00 | — | 0.00 | May 22, 2025 | GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of GStreamer. An attacker must first obtain the ability to execute low-privileged code on the target… | |||
| CVE-2025-3887 | 0.00 | — | 0.01 | May 22, 2025 | GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but… | |||
| CVE-2024-47834 | 0.00 | — | 0.01 | Dec 11, 2024 | GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GST_MATROSKA_ID_CODECPRIVATE case within the… | |||
| CVE-2024-47835 | 0.00 | — | 0.01 | Dec 11, 2024 | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parse_lrc function within gstsubparse.c. The parse_lrc function calls strchr() to find the character ']' in the string line. The pointer… |
- CVE-2009-0397Feb 3, 2009risk 0.01cvss —epss 0.07
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via…
- CVE-2026-3084Mar 13, 2026risk 0.00cvss —epss 0.00
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2026-2921Mar 13, 2026risk 0.00cvss —epss 0.01
GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors…
- CVE-2026-3083Mar 13, 2026risk 0.00cvss —epss 0.01
GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors…
- CVE-2026-3086Mar 13, 2026risk 0.00cvss —epss 0.00
GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2026-3085Mar 13, 2026risk 0.00cvss —epss 0.01
GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2026-3082Mar 13, 2026risk 0.00cvss —epss 0.01
GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2026-3081Mar 13, 2026risk 0.00cvss —epss 0.00
GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but…
- CVE-2026-2923Mar 13, 2026risk 0.00cvss —epss 0.01
GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2026-2922Mar 13, 2026risk 0.00cvss —epss 0.00
GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2026-2920Mar 13, 2026risk 0.00cvss —epss 0.01
GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2025-47808Aug 7, 2025risk 0.00cvss —epss 0.00
In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.
- CVE-2025-47183Aug 7, 2025risk 0.00cvss —epss 0.00
In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure.
- CVE-2025-47806Aug 7, 2025risk 0.00cvss —epss 0.00
In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.
- CVE-2025-47807Aug 7, 2025risk 0.00cvss —epss 0.00
In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.
- CVE-2025-6663Jul 7, 2025risk 0.00cvss —epss 0.00
GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but…
- CVE-2025-2759May 22, 2025risk 0.00cvss —epss 0.00
GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of GStreamer. An attacker must first obtain the ability to execute low-privileged code on the target…
- CVE-2025-3887May 22, 2025risk 0.00cvss —epss 0.01
GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but…
- CVE-2024-47834Dec 11, 2024risk 0.00cvss —epss 0.01
GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GST_MATROSKA_ID_CODECPRIVATE case within the…
- CVE-2024-47835Dec 11, 2024risk 0.00cvss —epss 0.01
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parse_lrc function within gstsubparse.c. The parse_lrc function calls strchr() to find the character ']' in the string line. The pointer…
Page 3 of 6