PT-2026-42390

It was discovered that GStreamer Good Plugins incorrectly handled certain MOV/MP4 media files. A remote attacker could use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

EUVD-2018-21843

Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the...

gstreamer1 -- multiple vulnerabilities

The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.3 release: Six security vulnerabilities were addressed, including: Bounds check errors in MXF VANC packet handling. Use-after-free in GStreamer core buffer value deserialization. Out-of-bounds read in MXF demuxer...

Linux Distros Unpatched Vulnerability : CVE-2025-65407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the MPEG1or2Demux::newElementaryStream function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which originates from the media driver not setting devicecaps for MPEG encoders...

gstreamer1-plugins-good: OOB-write in isomp4/qtdemux.c

A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer's sample table parser can lead to out-of-bounds writes and NULL-pointer dereferences for certain input files. This vulnerability allows a malicious third party to trigger an application crash and, in the case of...

GPAC Project Advanced Content 缓冲区错误漏洞

GPAC Project on Advanced Content is an open source cross-platform library that implements the MPEG-4 system standard and provides tools for media playback, vector graphics, and 3D rendering. an integer overflow vulnerability exists in the MPEG-4 decoding functionality in GPAC Project on Advanced...

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

DEBIAN-CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

UBUNTU-CVE-2018-13301

In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ffmpeg4decodepictureheader function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service...

CVE-2017-2992

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution...

Mozilla: Memory leak in libstagefright when deleting an array during MP4 processing (MFSA 2016-20)

Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service memory consumption via an MPEG-4 file that triggers a delete operation on an array...