Filtered by vendor Gstreamer Project
Subscriptions
Filtered by product Gstreamer
Subscriptions
Total
72 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-5841 | 2 Gstreamer Project, Redhat | 2 Gstreamer, Enterprise Linux | 2024-11-21 | N/A |
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags. | ||||
CVE-2017-5840 | 2 Gstreamer Project, Redhat | 2 Gstreamer, Enterprise Linux | 2024-11-21 | N/A |
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index. | ||||
CVE-2017-5839 | 2 Gstreamer Project, Redhat | 2 Gstreamer, Enterprise Linux | 2024-11-21 | N/A |
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX. | ||||
CVE-2017-5838 | 2 Gstreamer Project, Redhat | 2 Gstreamer, Enterprise Linux | 2024-11-21 | N/A |
The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string. | ||||
CVE-2017-5837 | 2 Gstreamer Project, Redhat | 2 Gstreamer, Enterprise Linux | 2024-11-21 | N/A |
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file. | ||||
CVE-2016-9447 | 2 Gstreamer Project, Redhat | 2 Gstreamer, Enterprise Linux | 2024-11-21 | N/A |
The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file. | ||||
CVE-2016-9446 | 3 Fedoraproject, Gstreamer Project, Redhat | 9 Fedora, Gstreamer, Enterprise Linux and 6 more | 2024-11-21 | 7.5 High |
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas. | ||||
CVE-2016-9445 | 2 Gstreamer Project, Redhat | 2 Gstreamer, Enterprise Linux | 2024-11-21 | 7.5 High |
Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow. | ||||
CVE-2016-10199 | 2 Gstreamer Project, Redhat | 2 Gstreamer, Enterprise Linux | 2024-11-21 | N/A |
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value. | ||||
CVE-2016-10198 | 2 Gstreamer Project, Redhat | 2 Gstreamer, Enterprise Linux | 2024-11-21 | N/A |
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file. | ||||
CVE-2015-0797 | 6 Debian, Gstreamer Project, Linux and 3 more | 16 Debian Linux, Gstreamer, Linux Kernel and 13 more | 2024-11-21 | N/A |
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file. | ||||
CVE-2009-0586 | 3 Canonical, Gstreamer Project, Redhat | 3 Ubuntu Linux, Gstreamer, Enterprise Linux | 2024-11-21 | N/A |
Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a base64 representation, which triggers a heap-based buffer overflow. |