Lucene search
K

61 matches found

FreeBSD
FreeBSD
added 2026/05/11 12:0 a.m.14 views

gstreamer1 -- multiple vulnerabilities

The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.3 release: Six security vulnerabilities were addressed, including: Bounds check errors in MXF VANC packet handling. Use-after-free in GStreamer core buffer value deserialization. Out-of-bounds read in MXF demuxer...

6.2AI score
Exploits0References6
OSV
OSV
added 2026/04/23 12:16 p.m.7 views

USN-8205-1 gst-plugins-bad1.0 vulnerabilities

It was discovered that multiple plugins in GStreamer contained arithmetic overflows. An attacker could possibly use this issue to cause applications using the plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-37329, CVE-2023-40474, CVE-2023-40475,...

8.8CVSS6.1AI score0.02009EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : gstreamer1-plugins-bad-free-1.16.1-2.el8_9.ML.1 (AXSA:2024-7357:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7357:01 advisory. gstreamer: MXF demuxer use-after-free vulnerability CVE-2023-44446 Tenable has extracted the preceding description block directly from the MiracleLinux...

8.8CVSS8AI score0.01744EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 7 : gstreamer1-plugins-bad-free-1.10.4-4.el7 (AXSA:2024-7382:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7382:02 advisory. gstreamer: MXF demuxer use-after-free vulnerability CVE-2023-44446 Tenable has extracted the preceding description block directly from the MiracleLinux...

8.8CVSS5.6AI score0.01744EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : gstreamer-plugins-bad-free-0.10.23-24.el7 (AXSA:2024-7443:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7443:01 advisory. gstreamer: MXF demuxer use-after-free vulnerability CVE-2023-44446 Tenable has extracted the preceding description block directly from the MiracleLinux...

8.8CVSS8AI score0.01744EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : gstreamer1-plugins-bad-free-1.22.1-2.el9_3 (AXSA:2023-7048:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7048:03 advisory. gstreamer: AV1 codec parser heap-based buffer overflow CVE-2023-44429 gstreamer: MXF demuxer use-after-free vulnerability CVE-2023-44446 Tenable has...

8.8CVSS8.5AI score0.02189EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.3 views

TencentOS Server 3: gstreamer1-plugins-bad-free (TSSA-2024:0196)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0196 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS7.7AI score0.02009EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/05/03 2:14 a.m.34 views

CVE-2023-44446

GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending...

8.8CVSS9.2AI score0.01744EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/04/30 10:19 a.m.6 views

gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with AES3 audio

A heap buffer overflow flaw was found in the MXF file, demuxer, in the GStreamer Plugins Bad when handling malformed files with AES3 audio. This issue requires user interaction with the library. It may allow a malicious user to cause an integer overflow before allocating the buffer, triggering a...

8.8CVSS6.3AI score0.01871EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/03/12 12:0 a.m.35 views

EulerOS 2.0 SP8 : gstreamer1-plugins-bad-free (EulerOS-SA-2024-1271)

According to the versions of the gstreamer1-plugins-bad-free package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw was found in the MXF demuxer in GStreamer when handling certain MXF video files. This issue could allo...

8.8CVSS7.5AI score0.01744EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/03/12 12:0 a.m.38 views

EulerOS 2.0 SP8 : gstreamer-plugins-bad-free (EulerOS-SA-2024-1272)

According to the versions of the gstreamer-plugins-bad-free package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw was found in the MXF demuxer in GStreamer when handling certain MXF video files. This issue could allow...

8.8CVSS7.5AI score0.01744EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/03/07 12:0 a.m.17 views

SUSE SLES15: gstreamer-plugins-bad / gstreamer-plugins-bad-chromaprint / etc (SUSE-SU-2024:0780-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0780-1 advisory. - CVE-2023-44446: Fixed use-after-free remote code execution vulnerability via MXF file bsc1217213. Tenable has extracted the preceding...

8.8CVSS7.9AI score0.01744EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/03/07 12:0 a.m.24 views

SUSE SLES12: gstreamer-plugins-bad / gstreamer-plugins-bad-devel / etc (SUSE-SU-2024:0779-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0779-1 advisory. - CVE-2023-44446: Fixed use-after-free remote code execution vulnerability via MXF file bsc1217213. Tenable has extracted the preceding...

8.8CVSS7.9AI score0.01744EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/03/05 12:0 a.m.12 views

CentOS: Security Advisory for gstreamer-plugins-bad-free (CESA-2024:0279)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9AI score0.01744EPSS
Exploits0References2
Cent OS
Cent OS
added 2024/02/05 7:26 p.m.257 views

gstreamer1 security update

CentOS Errata and Security Advisory CESA-2024:0013 An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives...

8.8CVSS7.3AI score0.01744EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/01/30 12:0 a.m.47 views

CentOS 7 : gstreamer-plugins-bad-free (RHSA-2024:0279)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0279 advisory. - MXF demuxer use-after-free vulnerability fedora-all CVE-2023-44446 Note that Nessus has not tested for this issue but has instead relied only on the...

8.8CVSS7.8AI score0.01744EPSS
Exploits0References2
Cent OS
Cent OS
added 2024/01/26 6:7 p.m.159 views

gstreamer security update

CentOS Errata and Security Advisory CESA-2024:0279 An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives ...

8.8CVSS7.3AI score0.01744EPSS
Exploits0References7
Oracle linux
Oracle linux
added 2024/01/18 12:0 a.m.42 views

gstreamer-plugins-bad-free security update

0.10.23-24 - Patch CVE-2023-44446: MXF demuxer use-after-free - Disable gtk-doc to fix the build - Resolves: RHEL-16792...

8.8CVSS6.8AI score0.01744EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/18 12:0 a.m.26 views

Oracle Linux 7 : gstreamer-plugins-bad-free (ELSA-2024-0279)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0279 advisory. - Patch CVE-2023-44446: MXF demuxer use-after-free Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

8.8CVSS7.8AI score0.01744EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/01/17 6:7 p.m.50 views

Important: Red Hat Security Advisory: gstreamer-plugins-bad-free security update

An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7.3AI score0.01744EPSS
Exploits0References2
Rows per page
Query Builder