53 matches found
EUVD-2026-36805
A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gstav1parserparsetilelistobu function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a user into opening a special...
EUVD-2020-9060
Malware in sbrugna...
EUVD-2022-40625
Malicious code in bioql PyPI...
EUVD-2023-32914
Malicious code in bioql PyPI...
EUVD-2024-16239
Malicious code in bioql PyPI...
EUVD-2023-32913
Malicious code in bioql PyPI...
EUVD-2022-35375
Malicious code in bioql PyPI...
EUVD-2022-35399
Malicious code in bioql PyPI...
TencentOS Server 4: gstreamer1-plugins-bad-free (TSSA-2024:0475)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0475 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
NewStart CGSL MAIN 7.02 : gstreamer1-plugins-bad-free Vulnerability (NS-SA-2025-0083)
The remote NewStart CGSL host, running version MAIN 7.02, has gstreamer1-plugins-bad-free packages installed that are affected by a vulnerability: - GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...
RHEL 9 : gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server (RHSA-2025:7178)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7178 advisory. The gstreamer1 packages contain a streaming media framework, based on graphs of filters which operate on media data. Security Fixes:...
Effective Fuzzing: A Dav1d Case Study
Guest post by Nick Galloway, Senior Security Engineer, 20% time on Project Zero Late in 2023, while working on a 20% project with Project Zero, I found an integer overflow in the dav1d AV1 video decoder. That integer overflow leads to an out-of-bounds write to memory. Dav1d 1.4.0 patched this, an...
[SECURITY] [DSA 5753-1] aom security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5753-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2024 https://www.debian.org/security/faq -...
Debian dsa-5753 : aom-tools - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5753 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5753-1 [email protected] https://www.debian.org/security/ Moritz...
CVE-2024-0444
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
CVE-2024-0444 GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of tile lis...
CVE-2023-50186 GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
PT-2024-6079 · Gstreamer +5 · Gstreamer +5
Name of the Vulnerable Software and Affected Versions: GStreamer versions prior to 1.22.9 Description: This issue allows remote attackers to execute arbitrary code on affected installations of GStreamer. The specific flaw exists within the parsing of tile list data within AV1-encoded video files...
SUSE: Security Advisory (SUSE-SU-2024:0100-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...