4568 matches found
gstreamer1-plugins-bad-free: GStreamer: Signed integer overflow in VMnc decoder cursor payload handling
A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...
gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb
A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...
gstreamer1-plugins-good security update
An update is available for gstreamer1-plugins-good. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs of...
RLSA-2026:36774 Important: gstreamer1-plugins-good security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: GStreamer: Heap buffer overflo...
RockyLinux 8 : gstreamer1-plugins-good (RLSA-2026:36774)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:36774 advisory. gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow CVE-2026-53705 Tenable has extracted the preceding description...
AlmaLinux 8 : gstreamer1-plugins-bad-free (ALSA-2026:37130)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:37130 advisory. gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb CVE-2026-52720 gstreamer1-plugins-bad-free:...
AlmaLinux 8 : gstreamer1-plugins-good (ALSA-2026:36774)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:36774 advisory. gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow CVE-2026-53705 Tenable has extracted the preceding description...
RHEL 10 : gstreamer1-plugins-good (RHSA-2026:36675)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:36675 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a...
RHEL 10 : gstreamer1-plugins-bad-free (RHSA-2026:36749)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:36749 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package...
Oracle Linux 9 : gstreamer1-plugins-good (ELSA-2026-37129)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-37129 advisory. - Fix CVE-2026-53705: integer overflow in wavpack decoder, re-applied on top of the correct 1.22.12 base Resolves: RHEL-184477 - Apply patches for CVE-2026-308...
Oracle Linux 9 : gstreamer1-plugins-ugly-free (ELSA-2026-36674)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-36674 advisory. - Fix CVE-2026-53704: multiple rmdemux security issues Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Linux 9 : gstreamer1-plugins-bad-free (ELSA-2026-36834)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-36834 advisory. - Sync with c9s release -5..-7: fix for CVE-2026-2923, CVE-2026-3082 in dvbsuboverlay and jpegparser Resolves: RHEL-156242, RHEL-156255 - Fix bytes/bi...
openSUSE 16: gstreamer-plugins-good / gstreamer-plugins-good-extra / etc (openSUSE-SU-2026:21240-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:21240-1 advisory. - CVE-2026-53705: wavpackdec: Avoid integer overflow when calculating output buffer size and related fixes bsc1268449. Tenable has extracted the precedi...
PT-2026-56784
Name of the Vulnerable Software and Affected Versions GStreamer affected versions not specified Description A stack buffer overflow occurs in the DTLS plugin during a DTLS handshake. The issue arises when the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack...
ALSA-2026:37130 Important: gstreamer1-plugins-bad-free security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle i...
RHEL 9 : gstreamer1-plugins-ugly-free (RHSA-2026:36674)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:36674 advisory. GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins whose...
RHEL 8 : gstreamer1-plugins-bad-free (RHSA-2026:37130)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:37130 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package...
AlmaLinux 10 : gstreamer1-plugins-bad-free (ALSA-2026:36749)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:36749 advisory. gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tilelistobu parser byte/bit confusion CVE-2026-52718 gstreamer1-plugins-bad-free:...
Oracle Linux 8 : gstreamer1-plugins-good (ELSA-2026-36774)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-36774 advisory. 1.16.1-7 - Fix integer overflow vulnerabilities in wavpackdec CVE-2026-53705 Resolves: RHEL-184473 Tenable has extracted the preceding description block direct...
Linux Distros Unpatched Vulnerability : CVE-2026-59691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow vulnerability was found in GStreamer's rfbsrc plugin. When a client connects to a malicious RFB/VNC server that advertises a 16bpp...