Lucene search
+L

243 matches found

Tenable Nessus
Tenable Nessus
added 3 days ago4 views

SUSE SLED15: gstreamer-plugins-bad / gstreamer-plugins-bad-devel / etc (SUSE-SU-2026:3058-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:3058-1 advisory. This update for gstreamer-plugins-bad fixes the following issues - CVE-2026-12892: 1-byte heap out-of-bounds...

8.8CVSS6.2AI score0.0053EPSS
Exploits0References22
OSV
OSV
added 2026/07/10 12:3 p.m.3 views

RLSA-2026:36834 Important: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tilelistobu parser byte/bit...

8.8CVSS7.1AI score0.0053EPSS
Exploits0References5
OSV
OSV
added 2026/07/10 6:0 a.m.4 views

RLSA-2026:37130 Important: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle i...

8.8CVSS7.1AI score0.0053EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/10 12:0 a.m.9 views

RockyLinux 9 : gstreamer1-plugins-bad-free (RLSA-2026:36834)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:36834 advisory. gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tilelistobu parser byte/bit confusion CVE-2026-52718 gstreamer1-plugins-bad-free:...

8.8CVSS7.1AI score0.0053EPSS
Exploits0References9
OSV
OSV
added 2026/07/09 10:13 a.m.2 views

RHSA-2026:37130 Red Hat Security Advisory: gstreamer1-plugins-bad-free security update

Bulletin has no description...

8.8CVSS7AI score0.0053EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2026/07/09 7:58 a.m.9 views

Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free security update

An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.2AI score0.0053EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.9 views

AlmaLinux 8 : gstreamer1-plugins-bad-free (ALSA-2026:37130)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:37130 advisory. gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb CVE-2026-52720 gstreamer1-plugins-bad-free:...

8.8CVSS7.1AI score0.0053EPSS
Exploits0References4
OSV
OSV
added 2026/07/09 12:0 a.m.3 views

ALSA-2026:37130 Important: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle i...

8.8CVSS7.1AI score0.0053EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/08 2:15 p.m.4 views

gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS6AI score0.00301EPSS
Exploits0References5
Amazon
Amazon
added 2026/07/08 12:0 a.m.5 views

Medium: gstreamer1-plugins-bad-free

Issue Overview: A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gstav1parserparsetilelistobu function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a user into...

7.1CVSS6.1AI score0.0031EPSS
Exploits0
OSV
OSV
added 2026/07/03 11:25 a.m.8 views

SUSE-SU-2026:2744-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issue - CVE-2026-52719: gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder bsc1268401...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References3
OSV
OSV
added 2026/07/03 11:23 a.m.3 views

SUSE-SU-2026:2743-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issue - CVE-2026-52719: gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder bsc1268401...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References3
OSV
OSV
added 2026/07/02 6:53 a.m.2 views

OPENSUSE-SU-2026:21204-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issue - CVE-2026-52719: gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder bsc1268401...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in gst-plugins-bad1.0

GStreamer DVB Subtitles Out-of-Bounds: Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may vary dependi...

7.8CVSS7.4AI score0.00729EPSS
Exploits0References3
OSV
OSV
added 2026/06/23 9:16 p.m.5 views

DEBIAN-CVE-2026-12892

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...

4.4CVSS5.8AI score0.00119EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/23 7:53 p.m.8 views

CVE-2026-12892

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...

4.4CVSS5.8AI score0.00119EPSS
Exploits0
EUVD
EUVD
added 2026/06/23 7:53 p.m.9 views

EUVD-2026-38607

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...

4.4CVSS5.8AI score0.00119EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/23 7:53 p.m.9 views

CVE-2026-12892

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...

4.4CVSS5.8AI score0.00119EPSS
Exploits0References4
OSV
OSV
added 2026/06/22 12:0 a.m.2 views

OPENSUSE-SU-2026:11088-1 gstreamer-plugins-bad-1.28.4+24-1.1 on GA media

These are all security issues fixed in the gstreamer-plugins-bad-1.28.4+24-1.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS5.9AI score0.0053EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.15 views

EUVD-2026-36798

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.4AI score0.00301EPSS
Exploits0References4
Rows per page
Query Builder