VYPR

Vendor CVEs

Gstreamer

All CVEs

120 total · sorted by risk
  • CVE-2023-44446May 3, 2024
    risk 0.00cvss epss 0.02

    GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors…

  • CVE-2023-44429May 3, 2024
    risk 0.00cvss epss 0.02

    GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but…

  • CVE-2023-40476May 3, 2024
    risk 0.00cvss epss 0.02

    GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…

  • CVE-2023-40475May 3, 2024
    risk 0.00cvss epss 0.02

    GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…

  • CVE-2023-40474May 3, 2024
    risk 0.00cvss epss 0.02

    GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…

  • CVE-2023-38104May 3, 2024
    risk 0.00cvss epss 0.01

    GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…

  • CVE-2023-37327May 3, 2024
    risk 0.00cvss epss 0.02

    GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack…

  • CVE-2022-1923Jul 19, 2022
    risk 0.00cvss epss 0.00

    DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS…

  • CVE-2022-2122Jul 19, 2022
    risk 0.00cvss epss 0.00

    DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities,…

  • CVE-2022-1925Jul 19, 2022
    risk 0.00cvss epss 0.00

    DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be…

  • CVE-2022-1920Jul 19, 2022
    risk 0.00cvss epss 0.00

    Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite.

  • CVE-2022-1921Jul 19, 2022
    risk 0.00cvss epss 0.00

    Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.

  • CVE-2021-3498Apr 19, 2021
    risk 0.00cvss epss 0.02

    GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.

  • CVE-2021-3497Apr 19, 2021
    risk 0.00cvss epss 0.01

    GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.

  • CVE-2021-3185Jan 25, 2021
    risk 0.00cvss epss 0.02

    A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.

  • CVE-2020-6095Mar 27, 2020
    risk 0.00cvss epss 0.03

    An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to…

  • CVE-2015-0797May 14, 2015
    risk 0.00cvss epss 0.05

    GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264…

  • CVE-2009-1932Jun 4, 2009
    risk 0.00cvss epss 0.05

    Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service…

  • CVE-2009-0586Mar 14, 2009
    risk 0.00cvss epss 0.06

    Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that…

  • CVE-2009-0398Feb 3, 2009
    risk 0.00cvss epss 0.03

    Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file.

Page 3 of 3