Lucene search
K

868 matches found

OSV
OSV
added 2026/06/22 12:0 a.m.2 views

OPENSUSE-SU-2026:11088-1 gstreamer-plugins-bad-1.28.4+24-1.1 on GA media

These are all security issues fixed in the gstreamer-plugins-bad-1.28.4+24-1.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS5.9AI score0.0053EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.5 views

Debian dsa-6359 : gstreamer1.0-gtk3 - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6359 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6359-1 [email protected] https://www.debian.org/securit...

8.8CVSS7.7AI score0.00828EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/15 9:30 p.m.15 views

EUVD-2026-36798

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.4AI score0.00301EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/15 7:10 p.m.7 views

CVE-2026-52721 Gstreamer1-plugins-bad-free: gstreamer: multiple out-of-bounds reads in pcapparse ipv4/tcp header parsing

Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local attacker could...

5.3CVSS5.5AI score0.00107EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/15 7:10 p.m.45 views

CVE-2026-53705 Gstreamer1-plugins-good: gstreamer: heap buffer overflow in wavpack decoder via integer overflow

A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-good. When processing a specially crafted WavPack file, an integer overflow in the buffer size calculation 4 blocksamples channels in gstwavpackdechandleframe causes a very small heap allocation. The WavPack library then writes...

7.6CVSS0.0031EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/15 7:10 p.m.8 views

CVE-2026-53705

A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-good. When processing a specially crafted WavPack file, an integer overflow in the buffer size calculation 4 blocksamples channels in gstwavpackdechandleframe causes a very small heap allocation. The WavPack library then writes...

7.6CVSS5.6AI score0.0031EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2026/06/15 12:0 a.m.9 views

gstreamer-plugins-base and gstreamer-plugins-good security update

gstreamer-plugins-base 0.10.36-10.0.1 - Security update CVE-2026-2921 Orabug: 39201593 gstreamer-plugins-good 0.10.31-13.0.1 - Security update for CVE-2026-3083 CVE-2026-3085 Orabug: 39199326...

8.8CVSS7.6AI score0.00867EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.16 views

PT-2026-49335

Name of the Vulnerable Software and Affected Versions GStreamer gst-plugins-bad affected versions not specified Description An out-of-bounds read occurs in the VA JPEG decoder within the gst-plugins-bad module. The JPEG parser reads a segment length value from the bitstream without validating it...

7.1CVSS6AI score0.00301EPSS
Exploits0References31
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.13 views

gst-plugins-bad 缓冲区错误漏洞

gst-plugins-bad is a GStreamer open-source plugin. gst-plugins-bad has a buffer error vulnerability, which stems from the multiple slice processing loop in the gsth266 parser’s gsth266parserparsepicturepartition function. This loop does not check whether the slice index exceeds the boundary. When...

6.5CVSS5.6AI score0.00206EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Amazon Linux 2023 : gstreamer1-plugins-good, gstreamer1-plugins-good-gtk (ALAS2023-2026-1787)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1787 advisory. An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxparsetrak function does not sufficiently validate atom data befor...

9.1CVSS5.5AI score0.00208EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in gst-plugins-bad1.0

GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors...

8.8CVSS7.8AI score0.01559EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 6:19 p.m.15 views

Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

An update for multiple packages is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7.7AI score0.00867EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/19 1:24 p.m.13 views

Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

An update for multiple packages is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7.7AI score0.00867EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.15 views

gst-plugins-good 数字错误漏洞

GStreamer-plugins-good is a GStreamer plugin developed under open source. Versions of GStreamer-plugins-good prior to 1.28.2 contained a numerical error vulnerability. This vulnerability stemmed from the qtdemuxaudiocaps function in the isomp4 plugin, which did not properly validate atomic data...

9.1CVSS5.8AI score0.00208EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.6 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-base (UTSA-2026-021387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021387 advisory. GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...

7.8CVSS7.7AI score0.00787EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.10 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-base (UTSA-2026-021391)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021391 advisory. GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

8.8CVSS6.3AI score0.00806EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-good (UTSA-2026-021392)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021392 advisory. GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...

7.8CVSS7.7AI score0.00787EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.10 views

Unity Linux 20.1070e Security Update: gstreamer1-plugins-good (UTSA-2026-017386)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017386 advisory. DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemuxinflate function which causes a segfault, or could...

7.8CVSS5.9AI score0.00437EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.8 views

Unity Linux 20.1070e Security Update: gstreamer1-plugins-good (UTSA-2026-017385)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017385 advisory. Integer overflow in matroskademux element in gstmatroskademuxaddwvpkheader function which allows a heap overwrite while parsing matroska files. Potential for arbitra...

7.8CVSS6.4AI score0.00465EPSS
Exploits1References4
Amazon
Amazon
added 2026/04/30 12:0 a.m.11 views

Medium: gstreamer-plugins-good

Issue Overview: An out-of-bounds read in the WAV parser that can cause crashes for certain input files. CVE-2026-1940 Affected Packages: gstreamer-plugins-good Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and A...

5.1CVSS7.9AI score0.00225EPSS
Exploits0
Rows per page
Query Builder