16 matches found
MiracleLinux 9 : gstreamer1-plugins-bad-free-1.22.12-3.el9, gstreamer1-plugins-ugly-free-1.22.12-3.el9, gstreamer1-rtsp-server-1.22.12-3.el9, gstreamer1-1.22.12-3.el9 (AXSA:2025-10412:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10412:01 advisory. gstreamer: EXIF Metadata Parsing Integer Overflow CVE-2024-4453 gstreamer: AV1 Video Parsing Stack-based Buffer Overflow CVE-2024-0444 Tenable has...
gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server security update
An update is available for gstreamer1. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gstreamer1 packages contain a streaming media framework, based on grap...
AlmaLinux 9 : gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server (ALSA-2025:7178)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7178 advisory. gstreamer: EXIF Metadata Parsing Integer Overflow CVE-2024-4453 gstreamer: AV1 Video Parsing Stack-based Buffer Overflow CVE-2024-0444 Tenable has extract...
TencentOS Server 4: gstreamer1-plugins-bad-free (TSSA-2024:0659)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0659 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
ALSA-2025:7178 Moderate: gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server security update
The gstreamer1 packages contain a streaming media framework, based on graphs of filters which operate on media data. Security Fixes: gstreamer: EXIF Metadata Parsing Integer Overflow CVE-2024-4453 gstreamer: AV1 Video Parsing Stack-based Buffer Overflow CVE-2024-0444 For more details about the...
RHEL 9 : gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server (RHSA-2025:7178)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7178 advisory. The gstreamer1 packages contain a streaming media framework, based on graphs of filters which operate on media data. Security Fixes:...
Fedora: Security Advisory (FEDORA-2024-919bc7e512)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-73f181db2a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-da86a4f061)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : mingw-gstreamer1 / mingw-gstreamer1-plugins-bad-free / etc (2024-919bc7e512)
The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-919bc7e512 advisory. Update to gstreamer-1.22.9. ---- Backport fix for CVE-2024-0444. Tenable has extracted the preceding description block directly from the Fedora...
CVE-2024-0444
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
CVE-2024-0444
CVE-2024-0444 concerns GStreamer and its AV1 parsing path. The flaw is a stack-based buffer overflow in the AV1 tile-list data parsing, caused by insufficient validation of the length of user-supplied data before copying to a fixed-size stack buffer. Exploitation can lead to remote arbitrary code...
Amazon Linux 2 : gstreamer1-plugins-bad-free (ALAS-2024-2454)
The version of gstreamer1-plugins-bad-free installed on the remote host is prior to 1.18.4-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2454 advisory. GStreamer-SA-2024-0001: AV1 codec parser potential buffer overflow during tile list parsing NOTE:...
Debian: Security Advisory (DSA-5608-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5608-1] gst-plugins-bad1.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5608-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 27, 2024 https://www.debian.org/security/faq -...
Debian dsa-5608 : gir1.2-gst-plugins-bad-1.0 - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5608 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5608-1...