CVE-2026-46470

An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxaudiocaps function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero...

UBUNTU-CVE-2026-46470

An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxaudiocaps function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero...

CVE-2026-46470

An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxaudiocaps function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero...

CVE-2026-46469

GStreamer gst-plugins-good prior to 1.28.2 contains a vulnerability in the isomp4 plugin (qtdemux_parse_trak) where insufficient validation of MP4 atom data allows integer division by zero, causing denial of service. The issue is fixed in 1.28.2 (see MR 11243; security advisory SA-2026-0018). No ...

EUVD-2026-30347

An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxparsetrak function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero...

PT-2026-41012

Name of the Vulnerable Software and Affected Versions GStreamer gst-plugins-good versions prior to 1.28.2 Description An issue exists when parsing MP4 audio tracks where the isomp4 plugin's qtdemux parse trak function fails to sufficiently validate atom data before performing division operations...

EUVD-2022-5571

Malicious code in bioql PyPI...

PT-2025-29039

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential null pointer dereference issue was resolved in the drm/amd/pp subsystem, specifically within the atomctrl initialize mc reg table and atomctrl initialize mc reg table v2 2...

DEBIAN-CVE-2024-58052

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrlgetsmcsclkrangetable The function atomctrlgetsmcsclkrangetable does not check the return value of smuatomgetdatatable. If smuatomgetdatatable fails to retrieve SMUInfo...

UBUNTU-CVE-2024-58052

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrlgetsmcsclkrangetable The function atomctrlgetsmcsclkrangetable does not check the return value of smuatomgetdatatable. If smuatomgetdatatable fails to retrieve SMUInfo...

CVE-2020-29245

dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readAtomData...

PT-2020-17120 · Dhowden · Dhowden Tag

Name of the Vulnerable Software and Affected Versions: dhowden tag versions prior to 0.0.0-20201120070457-d52dcb253c63 dhowden tag versions prior to 2020-11-19 Description: The issue is due to improper bounds checking in several methods, which can trigger a panic via readAPICFrame, readAtomData, ...

PT-2020-17119 · Dhowden · Dhowden

Name of the Vulnerable Software and Affected Versions: dhowden tag versions prior to 0.0.0-20201120070457-d52dcb253c63 Description: The issue is due to improper bounds checking in a number of methods, which can trigger a panic via readAPICFrame or readAtomData due to attempted out-of-bounds reads...

USN-736-1: GStreamer Good Plugins vulnerabilities

It was discovered that GStreamer Good Plugins did not correctly handle malformed Composition Time To Sample ctts atom data in Quicktime mov movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the...

PYSEC-2009-14

Heap-based buffer overflow in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample ctts atom data in a malformed QuickTime medi...

CVE-2009-0387

Affects GStreamer Good Plugins (gst-plugins-good) versions 0.10.9–0.10.11, with the root cause in qtdemux_parse_samples() in gst/qtdemux/qtdemux.c. Remote attackers could crash the application and potentially execute code by crafting QuickTime (mov) Sync Sample (stss) atom data, related to “mark ...