Lucene search
K

527 matches found

OSV
OSV
added 2026/06/18 6:4 p.m.4 views

MGASA-2026-0222 Updated gstreamer1.0-plugins-bad, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good & gstreamer1.0-plugins-ugly packages fix security vulnerabilities

CVE-2026-2921, GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability CVE-2026-2923.GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability CVE-2026-3082, GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2026-308...

8.8CVSS7.5AI score0.00867EPSS
Exploits0References4
Mageia
Mageia
added 2026/06/18 6:4 p.m.7 views

Updated gstreamer1.0-plugins-bad, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good & gstreamer1.0-plugins-ugly packages fix security vulnerabilities

CVE-2026-2921, GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability CVE-2026-2923.GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability CVE-2026-3082, GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2026-308...

8.8CVSS7.6AI score0.00867EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/09 3:40 p.m.7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in file-type-16.5.4.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in file-type-16.5.4.tgz Vulnerability Details CVEID:CVE-2026-31808 DESCRIPTION: file-type detects the file type of a file, stream, or data. Prior to 21.3.1, a denial of service vulnerability exists in the ASF WMV/WMA file type...

5.3CVSS5.5AI score0.00325EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.17 views

TencentOS Server 3: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good (TSSA-2026:0391)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0391 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS7.7AI score0.00867EPSS
Exploits0References7
OSV
OSV
added 2026/05/19 12:0 a.m.14 views

ALSA-2026:19024 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer:...

8.8CVSS7.7AI score0.00867EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.8 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-base (UTSA-2026-021386)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021386 advisory. GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...

7.8CVSS7.7AI score0.00773EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.11 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-good (UTSA-2026-021385)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021385 advisory. GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...

7.8CVSS7.7AI score0.00773EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.9 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-bad-free (UTSA-2026-021396)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021396 advisory. GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...

7.8CVSS7.7AI score0.00773EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2026/05/06 12:0 a.m.3 views

The vulnerability of the ASF plugin for the Gstreamer multimedia framework allows a hacker to execute arbitrary code.

The vulnerability of the ASF plugin in the Gstreamer multimedia framework is related to insufficient data validation. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.3AI score0.00773EPSS
Exploits0References10Affected Software9
RedHat Linux
RedHat Linux
added 2026/04/20 4:34 a.m.5 views

GStreamer: GStreamer: Arbitrary code execution via ASF file processing

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the ASF Demuxer component allows a remote attacker to execute arbitrary code. The issue arises from insufficient validation of user-supplied data length when processing stream headers within ASF Advanced Systems Forma...

7.8CVSS6.8AI score0.00773EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/20 2:58 a.m.8 views

GStreamer: GStreamer: Arbitrary code execution via ASF file processing

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the ASF Demuxer component allows a remote attacker to execute arbitrary code. The issue arises from insufficient validation of user-supplied data length when processing stream headers within ASF Advanced Systems Forma...

7.8CVSS8.2AI score0.00773EPSS
Exploits0References6
OSV
OSV
added 2026/04/09 12:7 p.m.7 views

RLSA-2026:6259 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer:...

8.8CVSS7.8AI score0.00867EPSS
Exploits0References8
OSV
OSV
added 2026/04/09 6:2 a.m.9 views

RLSA-2026:6750 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer:...

8.8CVSS6.5AI score0.00867EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.4 views

RockyLinux 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (RLSA-2026:6300)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6300 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffer...

8.8CVSS6.7AI score0.00867EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.8 views

AlmaLinux 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (ALSA-2026:6300)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:6300 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffer...

8.8CVSS7.8AI score0.00867EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/03/31 7:50 p.m.4 views

GStreamer: GStreamer: Arbitrary code execution via ASF file processing

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the ASF Demuxer component allows a remote attacker to execute arbitrary code. The issue arises from insufficient validation of user-supplied data length when processing stream headers within ASF Advanced Systems Forma...

7.8CVSS7.9AI score0.00773EPSS
Exploits0References6
Debian
Debian
added 2026/03/29 8:43 p.m.10 views

[SECURITY] [DLA 4516-1] gst-plugins-ugly1.0 security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-4516-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta March 30, 2026 https://wiki.debian.org/LTS -...

7.8CVSS7.3AI score0.00773EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.6 views

CVE-2026-32256

music-metadata is a metadata parser for audio and video media files. Prior to version 11.12.3, music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Version 11.12.3 fixe...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/03/24 2:56 p.m.5 views

Security update for gstreamer-plugins-ugly

This update for gstreamer-plugins-ugly fixes the following issues: CVE-2026-2920: GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1259367. CVE-2026-2922: GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability bsc1259370. Patch...

7.8CVSS5.9AI score0.00773EPSS
Exploits0References8
OSV
OSV
added 2026/03/23 9:44 a.m.4 views

OPENSUSE-SU-2026:20410-1 Security update for exiv2

This update for exiv2 fixes the following issues: Update to exiv2 0.28.8: - CVE-2024-24826: out-of-bounds read in QuickTimeVideo: NikonTagsDecoder bsc1219870. - CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo: multipleEntriesDecoder bsc1219871. - CVE-2024-39695:...

9.8CVSS6.1AI score0.00816EPSS
Exploits3References18
Rows per page
Query Builder