Gstreamer
by Gstreamer
Source repositories
CVEs (105)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-47543 | 0.00 | — | 0.01 | Dec 11, 2024 | GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in qtdemux_parse_container function within qtdemux.c. In the parent function qtdemux_parse_node, the value of length is not well checked. So, if length is… | |||
| CVE-2024-47542 | 0.00 | — | 0.01 | Dec 11, 2024 | GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is… | |||
| CVE-2024-47541 | 0.00 | — | 0.01 | Dec 11, 2024 | GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gst_ssa_parse_remove_override_codes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA (SubStation Alpha)… | |||
| CVE-2024-47540 | 0.00 | — | 0.01 | Dec 11, 2024 | GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size < 4, the program calls gst_buffer_unmap with an… | |||
| CVE-2024-47539 | 0.00 | — | 0.01 | Dec 11, 2024 | GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds write vulnerability was identified in the convert_to_s334_1a function in isomp4/qtdemux.c. The vulnerability arises due to a discrepancy between the size of memory allocated to the… | |||
| CVE-2024-47538 | 0.00 | — | 0.01 | Dec 11, 2024 | GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the `vorbis_handle_identification_packet` function within `gstvorbisdec.c`. The position array is a stack-allocated buffer of size 64. If vd->vi.channels… | |||
| CVE-2024-47537 | 0.00 | — | 0.01 | Dec 11, 2024 | GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read… | |||
| CVE-2024-0444 | 0.00 | — | 0.02 | Jun 7, 2024 | GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but… | |||
| CVE-2024-4453 | 0.00 | — | 0.02 | May 22, 2024 | GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2023-44446 | 0.00 | — | 0.02 | May 3, 2024 | GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors… | |||
| CVE-2023-44429 | 0.00 | — | 0.02 | May 3, 2024 | GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but… | |||
| CVE-2023-40476 | 0.00 | — | 0.02 | May 3, 2024 | GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2023-40475 | 0.00 | — | 0.02 | May 3, 2024 | GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2023-40474 | 0.00 | — | 0.02 | May 3, 2024 | GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2023-38104 | 0.00 | — | 0.01 | May 3, 2024 | GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2023-37327 | 0.00 | — | 0.02 | May 3, 2024 | GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack… | |||
| CVE-2022-1923 | 0.00 | — | 0.00 | Jul 19, 2022 | DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS… | |||
| CVE-2022-2122 | 0.00 | — | 0.00 | Jul 19, 2022 | DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities,… | |||
| CVE-2022-1925 | 0.00 | — | 0.00 | Jul 19, 2022 | DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be… | |||
| CVE-2022-1920 | 0.00 | — | 0.00 | Jul 19, 2022 | Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite. |
- CVE-2024-47543Dec 11, 2024risk 0.00cvss —epss 0.01
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in qtdemux_parse_container function within qtdemux.c. In the parent function qtdemux_parse_node, the value of length is not well checked. So, if length is…
- CVE-2024-47542Dec 11, 2024risk 0.00cvss —epss 0.01
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is…
- CVE-2024-47541Dec 11, 2024risk 0.00cvss —epss 0.01
GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gst_ssa_parse_remove_override_codes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA (SubStation Alpha)…
- CVE-2024-47540Dec 11, 2024risk 0.00cvss —epss 0.01
GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size < 4, the program calls gst_buffer_unmap with an…
- CVE-2024-47539Dec 11, 2024risk 0.00cvss —epss 0.01
GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds write vulnerability was identified in the convert_to_s334_1a function in isomp4/qtdemux.c. The vulnerability arises due to a discrepancy between the size of memory allocated to the…
- CVE-2024-47538Dec 11, 2024risk 0.00cvss —epss 0.01
GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the `vorbis_handle_identification_packet` function within `gstvorbisdec.c`. The position array is a stack-allocated buffer of size 64. If vd->vi.channels…
- CVE-2024-47537Dec 11, 2024risk 0.00cvss —epss 0.01
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read…
- CVE-2024-0444Jun 7, 2024risk 0.00cvss —epss 0.02
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but…
- CVE-2024-4453May 22, 2024risk 0.00cvss —epss 0.02
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2023-44446May 3, 2024risk 0.00cvss —epss 0.02
GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors…
- CVE-2023-44429May 3, 2024risk 0.00cvss —epss 0.02
GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but…
- CVE-2023-40476May 3, 2024risk 0.00cvss —epss 0.02
GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2023-40475May 3, 2024risk 0.00cvss —epss 0.02
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2023-40474May 3, 2024risk 0.00cvss —epss 0.02
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2023-38104May 3, 2024risk 0.00cvss —epss 0.01
GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2023-37327May 3, 2024risk 0.00cvss —epss 0.02
GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…
- CVE-2022-1923Jul 19, 2022risk 0.00cvss —epss 0.00
DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS…
- CVE-2022-2122Jul 19, 2022risk 0.00cvss —epss 0.00
DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities,…
- CVE-2022-1925Jul 19, 2022risk 0.00cvss —epss 0.00
DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be…
- CVE-2022-1920Jul 19, 2022risk 0.00cvss —epss 0.00
Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite.
Page 5 of 6