Lucene search
K

52 matches found

Amazon
Amazon
added 2026/07/08 12:0 a.m.7 views

Important: gstreamer1-plugins-good

Issue Overview: Heap buffer overflow in the Matroska MKV demuxer when calculating decompressed buffer sizes for bz2-compressed tracks. The issue occurs due to missing parentheses in the buffer size calculation, causing incorrect memory allocation and potential out-of-bounds writes. from...

7.6CVSS6.5AI score0.0031EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in liblivemedia

Live555 before 2019.08.16 has a Use-After-Free issue, as GenericMediaServer::createNewClientSessionWithId can generate the same client session ID consecutively. This issue is handled improperly by the MPEG1or2 and Matroska file demultiplexors...

9.8CVSS8.2AI score0.01716EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2026/04/07 12:0 a.m.8 views

gstreamer1 -- multiple vulnerabilities

The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.2 release: Several security vulnerabilities were addressed, including: H.264 video parser NULL pointer dereference when freeing SPS/MVC data. Integer overflows in the AV1 LEB128 parser, H.266/VVC video parser, and W...

9.1CVSS7.6AI score0.00208EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.12 views

CVE-2019-12874

An issue was discovered in zlibdecompressextra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free...

9.8CVSS6.8AI score0.02392EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-1470

Malware in sbrugna...

7.5CVSS6.1AI score0.03012EPSS
Exploits0References3
OSV
OSV
added 2025/10/04 12:11 a.m.19 views

RLSA-2025:7242 Moderate: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: OOB-read in...

6.2CVSS6.7AI score0.01161EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-12874

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in zlibdecompressextra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing...

9.8CVSS8.6AI score0.02392EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/06/20 1:5 p.m.1 views

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: CVE-2025-47183: Fixed out-of-bounds read in MOV/MP4 demuxer bsc1244406. CVE-2025-47219: Fixed out-of-bounds read in MOV/MP4 demuxer bsc1244405. CVE-2024-47540: Fixed uninitialized stack memory in Matroska/WebM demuxer bsc1234421...

7.8CVSS9.5AI score0.01005EPSS
Exploits2References12
RedHat Linux
RedHat Linux
added 2025/05/13 8:36 a.m.10 views

gstreamer1-plugins-good: Use-After-Free read in Matroska CodecPrivate

A flaw was found in the GStreamer library. A use-after-free in the Matroska demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...

9.1CVSS5.7AI score0.00911EPSS
Exploits0References7
SUSE Linux
SUSE Linux
added 2025/01/10 4:48 p.m.5 views

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47530: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 CVE-2024-47539: Fixed an out-of-bounds write in converttos3341a...

7.8CVSS7AI score0.01344EPSS
Exploits1References88
Tenable Nessus
Tenable Nessus
added 2025/01/10 12:0 a.m.38 views

SUSE SLED15: gstreamer-plugins-good / gstreamer-plugins-good-32bit / etc (SUSE-SU-2025:0055-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0055-1 advisory. - CVE-2024-47606: Fixed an integer overflows in MP4/MOV demuxer and memory allocator that can le...

9.8CVSS6.8AI score0.01344EPSS
Exploits1References67
RedHat Linux
RedHat Linux
added 2024/12/18 9:41 a.m.4 views

gstreamer1-plugins-good: uninitialized stack memory in Matroska/WebM demuxer

A flaw was found in the Matroska/WebM demuxer in the GStreamer library. Processing a specially crafted input file can cause the usage of uninitialized stack memory, allowing calls to uninitialized function pointers, potentially resulting in code execution or an application crash...

9.8CVSS6.1AI score0.01005EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/12/16 3:58 p.m.2 views

gstreamer1-plugins-good: uninitialized stack memory in Matroska/WebM demuxer

A flaw was found in the Matroska/WebM demuxer in the GStreamer library. Processing a specially crafted input file can cause the usage of uninitialized stack memory, allowing calls to uninitialized function pointers, potentially resulting in code execution or an application crash...

9.8CVSS6.1AI score0.01005EPSS
Exploits0References7
OSV
OSV
added 2024/12/16 12:0 a.m.25 views

ALSA-2024:11122 Important: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: uninitialized stack memory in...

9.8CVSS8.4AI score0.01344EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2024/12/12 7:53 p.m.9 views

CVE-2024-47601

A flaw was found in the GStreamer library. A NULL pointer dereference in the Matroska/WebM demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...

5.5CVSS6.2AI score0.00865EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/12/11 7:11 p.m.22 views

CVE-2024-47603 GHSL-2024-251: GStreamer NULL-pointer dereference in Matroska/WebM demuxer

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxupdatetracks function within matroska-demux.c. The vulnerability occurs when the gstcapsisequal function is called with invalid caps...

6.8CVSS0.00865EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/12/11 7:11 p.m.17 views

CVE-2024-47603 GHSL-2024-251: GStreamer NULL-pointer dereference in Matroska/WebM demuxer

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxupdatetracks function within matroska-demux.c. The vulnerability occurs when the gstcapsisequal function is called with invalid caps...

6.8CVSS6.7AI score0.00865EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/12/11 7:10 p.m.13 views

CVE-2024-47602

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. This function does not properly check the validity of the stream-codecpriv pointer in th...

7.5CVSS6.1AI score0.00915EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/12/11 7:10 p.m.20 views

CVE-2024-47602 GHSL-2024-250: Streamer NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. This function does not properly check the validity of the stream-codecpriv pointer in th...

6.8CVSS6.7AI score0.00915EPSS
Exploits0References3
CVE
CVE
added 2024/12/11 7:10 p.m.100 views

CVE-2024-47602

CVE-2024-47602 is a GStreamer vulnerability affecting the Matroska/WebM demuxer where a null pointer dereference can occur in gst_matroska_demux_add_wvpk_header if stream->codec_priv is NULL. The issue causes an application crash when GST_READ_UINT16_LE dereferences the null pointer. Documents...

7.5CVSS6.8AI score0.00915EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder