762 matches found
RLSA-2026:36673 Moderate: gstreamer1-plugins-ugly-free security update
GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins whose license is not fully compatible with LGPL. Security Fixes: gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header...
RLSA-2026:36674 Moderate: gstreamer1-plugins-ugly-free security update
GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins whose license is not fully compatible with LGPL. Security Fixes: gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header...
gstreamer1-plugins-ugly-free security update
An update is available for gstreamer1-plugins-ugly-free. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework, based on graph...
GStreamer < 1.28.4 Multiple Vulnerabilities
The version of GStreamer installed on the remote host is prior to 1.28.4. It is, therefore, affected by multiple vulnerabilities: - Multiple vulnerabilities were found in the RealMedia demuxer rmdemux and RealAudio demuxer rademux elements in gst-plugins-ugly. The demuxers lacked proper bounds...
RockyLinux 10 : gstreamer1-plugins-ugly-free (RLSA-2026:36673)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:36673 advisory. gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser CVE-2026-53703 Tenable has extracted the preceding...
RockyLinux 9 : gstreamer1-plugins-ugly-free (RLSA-2026:36674)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:36674 advisory. gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser CVE-2026-53703 gstreamer1-plugins-ugly-free:...
RHEL 9 : gstreamer1-plugins-ugly-free (RHSA-2026:36674)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:36674 advisory. GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins whose...
AlmaLinux 9 : gstreamer1-plugins-ugly-free (ALSA-2026:36674)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:36674 advisory. gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser CVE-2026-53703 gstreamer1-plugins-ugly-free:...
gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer FILEINFO metadata parser
A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using reskippascalstring without validating that offsets remain...
Moderate: Red Hat Security Advisory: gstreamer1-plugins-ugly-free security update
An update for gstreamer1-plugins-ugly-free is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser
A vulnerability was found in the GStreamer RealMedia demuxer gst-plugins-ugly. When processing a RealMedia .rm file, the demuxer parses MDPR media properties chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec type, packet size, sampl...
gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser
A vulnerability was found in the GStreamer RealMedia demuxer gst-plugins-ugly. When processing a RealMedia .rm file, the demuxer parses MDPR media properties chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec type, packet size, sampl...
Moderate: Red Hat Security Advisory: gstreamer1-plugins-ugly-free security update
An update for gstreamer1-plugins-ugly-free is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
ALSA-2026:36674 Moderate: gstreamer1-plugins-ugly-free security update
GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins whose license is not fully compatible with LGPL. Security Fixes: gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header...
Important: gstreamer1-plugins-good
Issue Overview: Heap buffer overflow in the Matroska MKV demuxer when calculating decompressed buffer sizes for bz2-compressed tracks. The issue occurs due to missing parentheses in the buffer size calculation, causing incorrect memory allocation and potential out-of-bounds writes. from...
Amazon Linux 2 : gstreamer1-plugins-good, --advisory ALAS2-2026-3788 (ALAS-2026-3788)
The version of gstreamer1-plugins-good installed on the remote host is prior to 1.18.4-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3788 advisory. Heap buffer overflow in the Matroska MKV demuxer when calculating decompressed buffer sizes for...
RHEL 10 : gstreamer1-plugins-ugly-free (RHSA-2026:36673)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:36673 advisory. GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins whose license is...
MiracleLinux 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (AXSA:2026-1181:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-1181:01 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buff...
SUSE SLES12 Security Update : gstreamer-plugins-good (SUSE-SU-2026:2727-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2727-1 advisory. This update for gstreamer-plugins-good fixes the following issues - CVE-2024-47540: uninitialized stack memory in Matroska/WebM demuxer...
SUSE-SU-2026:2727-1 Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues - CVE-2024-47540: uninitialized stack memory in Matroska/WebM demuxer bsc1234421. - CVE-2026-53705: Heap buffer overflow in WavPack decoder via integer overflow bsc1268449...