RockyLinux 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (RLSA-2026:6300)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6300 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffer...

EUVD-2026-12113

GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

Linux Distros Unpatched Vulnerability : CVE-2025-70308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read in the GSF demuxer filter component of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .gsf file. CVE-2025-703...

JLSEC-2025-137 FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an ...

FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service DoS condition...

EUVD-2023-58825

Malicious code in bioql PyPI...

CVE-2023-6602

A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists...

gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer

A flaw was found in the GStreamer library. An out-of-bounds write in the Ogg demuxer can cause crashes for certain input files. This vulnerability allows a malicious third party to trigger out-of-bounds writes that can result in the application's crash or possibly allow code execution through hea...

gstreamer1-plugins-good: uninitialized stack memory in Matroska/WebM demuxer

A flaw was found in the Matroska/WebM demuxer in the GStreamer library. Processing a specially crafted input file can cause the usage of uninitialized stack memory, allowing calls to uninitialized function pointers, potentially resulting in code execution or an application crash...

PT-2024-15022 · FFmpeg +1 · Ffmpeg +1

Name of the Vulnerable Software and Affected Versions: FFmpeg affected versions not specified Description: A flaw was found in FFmpeg's HLS demuxer, allowing bypassing of unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file...

gstreamer1 security update

CentOS Errata and Security Advisory CESA-2024:0013 An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives...

Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free security update

An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

gstreamer: MXF demuxer use-after-free vulnerability

A use-after-free flaw was found in the MXF demuxer in GStreamer when handling certain MXF video files. This issue could allow a malicious third party to trigger a crash in the application and may allow code execution...

SUSE CVE-2018-1999015

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to...

DEBIAN-CVE-2018-1999015

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to...

Slackware Advisory SSA:2008-111-01 xine-lib

The remote host is missing an update as announced via advisory SSA:2008-111-01. OpenVAS Vulnerability Test $Id: esoftslkssa200811101.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

DEBIAN-CVE-2009-4639

The avrescalernd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service crash via a crafted AVI file that triggers a divide-by-zero error...