Lucene search
K

88 matches found

Redos
Redos
added 2026/06/23 12:0 a.m.8 views

ROS-20260623-73-0004

The vulnerability of the JPEG Parser component in the Gstreamer multimedia framework is related to the lack of proper checks on the data length. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.8CVSS6.2AI score0.00787EPSS
Exploits0
OSV
OSV
added 2026/06/18 6:4 p.m.4 views

MGASA-2026-0222 Updated gstreamer1.0-plugins-bad, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good & gstreamer1.0-plugins-ugly packages fix security vulnerabilities

CVE-2026-2921, GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability CVE-2026-2923.GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability CVE-2026-3082, GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2026-308...

8.8CVSS7.5AI score0.00867EPSS
Exploits0References4
Mageia
Mageia
added 2026/06/18 6:4 p.m.7 views

Updated gstreamer1.0-plugins-bad, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good & gstreamer1.0-plugins-ugly packages fix security vulnerabilities

CVE-2026-2921, GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability CVE-2026-2923.GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability CVE-2026-3082, GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2026-308...

8.8CVSS7.6AI score0.00867EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/15 7:10 p.m.6 views

CVE-2026-52719

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.3AI score0.0028EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2026/06/12 12:0 a.m.7 views

gstreamer1 -- multiple vulnerabilities

The GStreamer project reports: Multiple security issues were identified and fixed in the GStreamer framework. GStreamer-SA-2026-0030: Missing bounds checks in RTCP SDES packet parsing GStreamer-SA-2026-0031: Integer overflow and truncation in MXF demuxer GStreamer-SA-2026-0032: Out-of-bounds read...

8.8CVSS5.9AI score0.00489EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.14 views

RockyLinux 10 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (RLSA-2026:19024)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19024 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffer...

8.8CVSS6.4AI score0.00867EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2026/05/19 1:24 p.m.12 views

GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser

A flaw was found in GStreamer. A remote attacker can exploit a heap-based buffer overflow vulnerability in the GStreamer JPEG parser by providing a specially crafted JPEG file. This issue is caused by improper validation of Huffman table lengths, which can lead to arbitrary code execution in the...

7.8CVSS7.8AI score0.00787EPSS
Exploits0References6
OSV
OSV
added 2026/05/19 12:0 a.m.10 views

ALSA-2026:19180 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer:...

8.8CVSS6.4AI score0.00867EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.10 views

RHEL 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (RHSA-2026:19180)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19180 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package...

8.8CVSS7.7AI score0.00867EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-good (UTSA-2026-021392)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021392 advisory. GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...

7.8CVSS7.7AI score0.00787EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.6 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-base (UTSA-2026-021387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021387 advisory. GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...

7.8CVSS7.7AI score0.00787EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.44 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-bad-free (UTSA-2026-014317)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014317 advisory. GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...

7.8CVSS7.7AI score0.00787EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gstreamer1-plugins-bad-free (UTSA-2026-014293)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014293 advisory. GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...

7.8CVSS8.5AI score0.00787EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/21 7:5 p.m.9 views

GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser

A flaw was found in GStreamer. A remote attacker can exploit a heap-based buffer overflow vulnerability in the GStreamer JPEG parser by providing a specially crafted JPEG file. This issue is caused by improper validation of Huffman table lengths, which can lead to arbitrary code execution in the...

7.8CVSS6.6AI score0.00787EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/21 5:47 p.m.11 views

GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser

A flaw was found in GStreamer. A remote attacker can exploit a heap-based buffer overflow vulnerability in the GStreamer JPEG parser by providing a specially crafted JPEG file. This issue is caused by improper validation of Huffman table lengths, which can lead to arbitrary code execution in the...

7.8CVSS8AI score0.00787EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/20 4:34 a.m.6 views

GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser

A flaw was found in GStreamer. A remote attacker can exploit a heap-based buffer overflow vulnerability in the GStreamer JPEG parser by providing a specially crafted JPEG file. This issue is caused by improper validation of Huffman table lengths, which can lead to arbitrary code execution in the...

7.8CVSS6.6AI score0.00787EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/20 3:31 a.m.4 views

GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser

A flaw was found in GStreamer. A remote attacker can exploit a heap-based buffer overflow vulnerability in the GStreamer JPEG parser by providing a specially crafted JPEG file. This issue is caused by improper validation of Huffman table lengths, which can lead to arbitrary code execution in the...

7.8CVSS8AI score0.00787EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/20 2:58 a.m.7 views

GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser

A flaw was found in GStreamer. A remote attacker can exploit a heap-based buffer overflow vulnerability in the GStreamer JPEG parser by providing a specially crafted JPEG file. This issue is caused by improper validation of Huffman table lengths, which can lead to arbitrary code execution in the...

7.8CVSS8AI score0.00787EPSS
Exploits0References6
OSV
OSV
added 2026/04/17 3:8 p.m.8 views

CLSA-2026-1776438517 gstreamer1-plugins-bad-free: Fix of CVE-2026-3082

CVE-2026-3082: fix heap-based buffer overflow in JPEG parser READBYTES macro by adding sizeofbuf bounds check...

7.8CVSS7.3AI score0.00787EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/13 2:31 a.m.3 views

GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser

A flaw was found in GStreamer. A remote attacker can exploit a heap-based buffer overflow vulnerability in the GStreamer JPEG parser by providing a specially crafted JPEG file. This issue is caused by improper validation of Huffman table lengths, which can lead to arbitrary code execution in the...

7.8CVSS7.9AI score0.00787EPSS
Exploits0References6
Rows per page
Query Builder