Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2024/12/12 8:45 a.m.12 views

CVE-2024-47613

A flaw was found in the gdk-pixbuf decoder in the GStreamer library. Processing a specially crafted input file can cause a NULL pointer dereference due to an unchecked return value, resulting in an application crash and a denial of service. Mitigation Do not process untrusted files with the...

6.5CVSS6AI score0.00901EPSS
Exploits0References6
NVD
NVD
added 2024/12/12 2:3 a.m.9 views

CVE-2024-47596

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemuxparsesvq3stsddata function within qtdemux.c. In the FOURCCSMI case, seqhsize is read from the input file without proper validation. If seqhsize is greater than the remaining...

7.5CVSS0.01134EPSS
Exploits0References4
NVD
NVD
added 2024/12/12 2:3 a.m.14 views

CVE-2024-47545

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...

7.5CVSS0.01072EPSS
Exploits0References4
NVD
NVD
added 2024/12/12 2:3 a.m.11 views

CVE-2024-47542

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...

7.5CVSS0.01095EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/12/11 7:17 p.m.15 views

CVE-2024-47835 GHSL-2024-263: Gstreamer NULL-pointer dereference in LRC subtitle parser

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parselrc function within gstsubparse.c. The parselrc function calls strchr to find the character '' in the string line. The pointer returned by this call ...

6.8CVSS6.7AI score0.01036EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2024/12/11 7:17 p.m.19 views

CVE-2024-47835

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parselrc function within gstsubparse.c. The parselrc function calls strchr to find the character '' in the string line. The pointer returned by this call ...

7.5CVSS6.5AI score0.01036EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2024/12/11 7:16 p.m.17 views

CVE-2024-47776

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gstwavparsecuechunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch...

9.1CVSS6.5AI score0.01161EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/12/11 7:14 p.m.22 views

CVE-2024-47613 GHSL-2024-118: GStreamer has a null pointer dereference in gst_gdk_pixbuf_dec_flush

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in gstgdkpixbufdecflush within gstgdkpixbufdec.c. This function invokes memcpy, using outpix as the destination address. outpix is expected to point to the fra...

8.6CVSS0.00901EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/11 7:13 p.m.23 views

CVE-2024-47607 GHSL-2024-116: Stack-buffer overflow in gst_opus_dec_parse_header

GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c'. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...

8.6CVSS0.01199EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/12/11 7:3 p.m.6 views

CVE-2024-47601

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxparseblockgrouporsimpleblock function within matroska-demux.c. This function does not properly check the validity of the GstBuffer sub...

7.5CVSS6.1AI score0.00865EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2024/12/11 7:1 p.m.12 views

CVE-2024-47597

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemuxparsesamples within qtdemux.c. This issue arises when the function qtdemuxparsesamples reads data beyond the boundaries of the stream-stco buffer. The following code...

9.1CVSS6.6AI score0.01161EPSS
Exploits0References4
CVE
CVE
added 2024/12/11 7:1 p.m.120 views

CVE-2024-47596

GStreamer has a known OOB-read vulnerability in the qtdemux_parse_svq3_stsd_data path (FOURCC_SMI_) where seqh_size is read from the input without proper validation. If seqh_size exceeds the remaining data, a subsequent gst_buffer_fill memcpy can read beyond buffer bounds, risking reading up to 4...

7.5CVSS6.7AI score0.01134EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2024/12/11 7:1 p.m.19 views

CVE-2024-47546 GHSL-2024-243: GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extractccfromdata function within qtdemux.c. In the FOURCCc708 case, the subtraction atomlength - 8 may result in an underflow if atomlength is less than 8. When that subtraction...

6.9CVSS0.01072EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/11 6:58 p.m.19 views

CVE-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...

6.9CVSS0.01072EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/12/11 6:58 p.m.20 views

CVE-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...

6.9CVSS6.9AI score0.01072EPSS
Exploits0References3
OSV
OSV
added 2024/12/11 6:57 p.m.8 views

CVE-2024-47544 GHSL-2024-238: GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling

GStreamer is a library for constructing graphs of media-handling components. The function qtdemuxparsesbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed in 1.24.10...

6.8CVSS6.6AI score0.01072EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/12/11 6:55 p.m.12 views

CVE-2024-47542

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...

7.5CVSS6.9AI score0.01095EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2024/12/11 6:52 p.m.20 views

CVE-2024-47538 GHSL-2024-115: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet

GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the vorbishandleidentificationpacket function within gstvorbisdec.c. The position array is a stack-allocated buffer of size 64. If vd-vi.channels exceeds 64, the for loop will...

8.6CVSS8.6AI score0.01272EPSS
Exploits0References3
Rows per page
Query Builder