Lucene search
K

52 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-12891

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the...

4.3CVSS5.9AI score0.00276EPSS
Exploits0References4
NVD
NVD
added 2026/06/23 9:16 p.m.7 views

CVE-2026-12891

A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266...

4.3CVSS0.00276EPSS
Exploits0References3
CVE
CVE
added 2026/06/23 7:53 p.m.32 views

CVE-2026-12891

The CVE-2026-12891 issue affects the GStreamer gst-plugins-bad package, specifically the H.266/VVC parser. A malformed H.266/VVC stream with a crafted aspect ratio indicator value can cause an out-of-bounds read of up to 8 bytes from adjacent memory. This could enable an attacker to craft a malic...

4.3CVSS5.7AI score0.00276EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2026/06/23 7:53 p.m.36 views

CVE-2026-12891 Gstreamer1-plugins-bad: gstreamer1-plugins-bad: global buffer overflow (oob read) in h.266/vvc vui parameter parser

A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266...

4.3CVSS0.00276EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/23 7:53 p.m.7 views

CVE-2026-12891

A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266...

4.3CVSS5.7AI score0.00276EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/23 7:53 p.m.6 views

CVE-2026-12891

A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266...

4.3CVSS5.7AI score0.00276EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.13 views

PT-2026-51589

Name of the Vulnerable Software and Affected Versions GStreamer gst-plugins-bad affected versions not specified Description A flaw in the H.266 parser occurs when processing a malformed H.266/VVC video stream containing a crafted aspect ratio indicator value. This leads to an out-of-bounds read o...

4.3CVSS5.7AI score0.00276EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.26 views

Linux Distros Unpatched Vulnerability : CVE-2026-53701

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing o...

6.5CVSS5.9AI score0.00206EPSS
Exploits0References4
OSV
OSV
added 2026/06/11 7:16 p.m.4 views

DEBIAN-CVE-2026-53701

An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gsth266parserparsepicturepartition gsth266parser.c, the loop iterates without checking that the slice index stays within bounds, writin...

6.5CVSS5.4AI score0.00206EPSS
Exploits0References1
OSV
OSV
added 2026/06/11 7:16 p.m.6 views

UBUNTU-CVE-2026-53701

An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gsth266parserparsepicturepartition gsth266parser.c, the loop iterates without checking that the slice index stays within bounds, writin...

6.5CVSS5.4AI score0.00206EPSS
Exploits0References7
CVE
CVE
added 2026/06/11 6:15 p.m.18 views

CVE-2026-53701

GStreamer: gst-plugins-bad H.266/VVC PPS picture partition parser (gst_h266_parser_parse_picture_partition) contains an out-of-bounds write due to a bound-check omission in the multi-slice-in-tile processing. The loop may write beyond three fixed-size arrays (slice_height_in_ctus, slice_top_left_...

6.5CVSS5.5AI score0.00206EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/11 6:15 p.m.6 views

CVE-2026-53701

An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gsth266parserparsepicturepartition gsth266parser.c, the loop iterates without checking that the slice index stays within bounds, writin...

6.5CVSS5.4AI score0.00206EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/11 6:6 p.m.9 views

CVE-2026-53701

An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gsth266parserparsepicturepartition gsth266parser.c, the loop iterates without checking that the slice index stays within bounds, writin...

6.5CVSS5.2AI score0.00206EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.14 views

PT-2026-48724

Name of the Vulnerable Software and Affected Versions GStreamer affected versions not specified Description An out-of-bounds write occurs in the H.266/VVC PPS picture partition parser within the gst-plugins-bad component. In the multi-slice-in-tile processing of the gst h266 parser parse picture...

6.5CVSS5.2AI score0.00206EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.10 views

gst-plugins-bad 缓冲区错误漏洞

gst-plugins-bad is a GStreamer open-source plugin. gst-plugins-bad has a buffer error vulnerability, which stems from the multiple slice processing loop in the gsth266 parser’s gsth266parserparsepicturepartition function. This loop does not check whether the slice index exceeds the boundary. When...

6.5CVSS5.6AI score0.00206EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2026/05/11 12:0 a.m.14 views

gstreamer1 -- multiple vulnerabilities

The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.3 release: Six security vulnerabilities were addressed, including: Bounds check errors in MXF VANC packet handling. Use-after-free in GStreamer core buffer value deserialization. Out-of-bounds read in MXF demuxer...

6.2AI score
Exploits0References6
OSV
OSV
added 2026/04/11 3:47 p.m.3 views

MINI-J6HP-H266-XQVX

Bulletin has no description...

7.5CVSS5.7AI score0.00349EPSS
Exploits0
EUVD
EUVD
added 2026/03/16 3:30 p.m.3 views

EUVD-2026-12127

GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

7.8CVSS6.3AI score0.00421EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/16 2:29 p.m.4 views

CVE-2026-3086

A flaw was found in GStreamer. A remote attacker could exploit this out-of-bounds write vulnerability by providing specially crafted H.266 video data. This issue, specifically within the processing of Adaptation Parameter Set APS units, stems from insufficient validation of user-supplied data,...

7.8CVSS6AI score0.00421EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/16 2:29 p.m.3 views

CVE-2026-3081

A flaw was found in GStreamer. A remote attacker can exploit this vulnerability by providing specially crafted H.266 codec data during the parsing of decoding units. This issue arises from insufficient validation of the length of user-supplied data before it is copied to a fixed-length stack-base...

7.8CVSS6.6AI score0.00425EPSS
Exploits0References5
Rows per page
Query Builder