Gstreamer

All CVEs

120 total · sorted by risk
  • CVE-2016-9636 · Critical · Jan 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.09

    Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond…

  • CVE-2016-9635 · Critical · Jan 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.09

    Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond…

  • CVE-2016-9634 · Critical · Jan 27, 2017
    risk 0.64 · cvss 9.8 · epss 0.09

    Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.

  • CVE-2026-52720 · High · Jun 15, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    A heap buffer overflow vulnerability was found in GStreamer's librfb (RFB/VNC client). The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote…

  • CVE-2025-47219 · High · Aug 7, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.

  • CVE-2016-9447 · High · Jan 23, 2017
    risk 0.51 · cvss 7.8 · epss 0.03

    The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.

  • CVE-2016-9809 · High · Jan 13, 2017
    risk 0.51 · cvss 7.8 · epss 0.03

    Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.

  • CVE-2026-53705 · High · Jun 15, 2026
    risk 0.49 · cvss 7.6 · epss 0.00

    A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-good. When processing a specially crafted WavPack file, an integer overflow in the buffer size calculation (4 * block_samples * channels) in gst_wavpack_dec_handle_frame() causes a very small heap allocation.…

  • CVE-2024-44331 · High · Oct 22, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests.

  • CVE-2017-5848 · High · Feb 9, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.

  • CVE-2017-5847 · High · Feb 9, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.

  • CVE-2017-5845 · High · Feb 9, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag.

  • CVE-2017-5843 · High · Feb 9, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as…

  • CVE-2017-5841 · High · Feb 9, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags.

  • CVE-2017-5840 · High · Feb 9, 2017
    risk 0.49 · cvss 7.5 · epss 0.05

    The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.

  • CVE-2017-5839 · High · Feb 9, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested…

  • CVE-2017-5838 · High · Feb 9, 2017
    risk 0.49 · cvss 7.5 · epss 0.05

    The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.

  • CVE-2016-10199 · High · Feb 9, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.

  • CVE-2016-9446 · High · Jan 23, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas.

  • CVE-2016-9445 · High · Jan 23, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.

  • CVE-2016-9812 · High · Jan 13, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section.

  • CVE-2016-9808 · High · Jan 13, 2017
    risk 0.49 · cvss 7.5 · epss 0.05

    The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs.

  • CVE-2026-53704 · High · Jun 15, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using re_skip_pascal_string() without…

  • CVE-2026-53703 · High · Jun 15, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    A vulnerability was found in the GStreamer RealMedia demuxer (gst-plugins-ugly). When processing a RealMedia (.rm) file, the demuxer parses MDPR (media properties) chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec…

  • CVE-2026-52722 · High · Jun 15, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a…

  • CVE-2026-52719 · High · Jun 15, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially…

  • CVE-2026-52718 · Medium · Jun 15, 2026
    risk 0.42 · cvss 6.5 · epss 0.00

    A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gst_av1_parser_parse_tile_list_obu() function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a…

  • CVE-2026-53702 · Medium · Jun 11, 2026
    risk 0.42 · cvss 6.5 · epss 0.00

    A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library (gst-plugins-bad). When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from cpb_cnt_minus1[i] (the loop index) instead of the sub-layer 0 CPB count…

  • CVE-2026-53701 · Medium · Jun 11, 2026
    risk 0.42 · cvss 6.5 · epss 0.00

    An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gst_h266_parser_parse_picture_partition() (gsth266parser.c), the loop iterates without checking that the slice index…

  • CVE-2016-9813 · Medium · Jan 13, 2017
    risk 0.39 · cvss 5.5 · epss 0.08

    The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

  • CVE-2021-3522 · Medium · Jun 2, 2021
    risk 0.36 · cvss 5.5 · epss 0.05

    GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.

  • CVE-2017-5846 · Medium · Feb 9, 2017
    risk 0.36 · cvss 5.5 · epss 0.02

    The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video file.

  • CVE-2017-5844 · Medium · Feb 9, 2017
    risk 0.36 · cvss 5.5 · epss 0.03

    The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.

  • CVE-2017-5842 · Medium · Feb 9, 2017
    risk 0.36 · cvss 5.5 · epss 0.02

    The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager.smi.

  • CVE-2017-5837 · Medium · Feb 9, 2017
    risk 0.36 · cvss 5.5 · epss 0.03

    The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.

  • CVE-2016-10198 · Medium · Feb 9, 2017
    risk 0.36 · cvss 5.5 · epss 0.03

    The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.

  • CVE-2016-9810 · Medium · Jan 13, 2017
    risk 0.36 · cvss 5.5 · epss 0.02

    The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, which triggers an incorrect unref call.

  • CVE-2016-9807 · Medium · Jan 13, 2017
    risk 0.36 · cvss 5.5 · epss 0.03

    The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file.

  • CVE-2026-52721 · Medium · Jun 15, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local…

  • CVE-2026-1940 · Medium · Mar 23, 2026
    risk 0.33 · cvss 5.1 · epss 0.00

    An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gst_wavparse_adtl_chunk() function. The patch added a size validation check lsize + 8 > size, but it does not account for the GST_ROUND_UP_2(lsize) used in the actual offset calculation. When lsize is an odd…

  • CVE-2016-9811 · Medium · Jan 13, 2017
    risk 0.31 · cvss 4.7 · epss 0.02

    The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.

  • CVE-2026-46470 · Medium · May 14, 2026
    risk 0.26 · cvss 4.0 · epss 0.00

    An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_audio_caps function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer…

  • CVE-2026-46469 · Medium · May 14, 2026
    risk 0.26 · cvss 4.0 · epss 0.00

    An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_parse_trak function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer…

  • CVE-2006-4192 · Aug 17, 2006
    risk 0.04 · cvss · epss 0.08

    Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier, as used in GStreamer and possibly other products, allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the…

  • CVE-2023-50186 · May 3, 2024
    risk 0.01 · cvss · epss 0.02

    GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but…

  • CVE-2023-38103 · May 3, 2024
    risk 0.01 · cvss · epss 0.01

    GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…

  • CVE-2023-37329 · May 3, 2024
    risk 0.01 · cvss · epss 0.01

    GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but…

  • CVE-2023-37328 · May 3, 2024
    risk 0.01 · cvss · epss 0.02

    GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but…

  • CVE-2019-9928 · Apr 24, 2019
    risk 0.01 · cvss · epss 0.06

    GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.

  • CVE-2009-0397 · Feb 3, 2009
    risk 0.01 · cvss · epss 0.07

    Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via…

Page 1 of 3