Astra Linux - уязвимость в gst-plugins-bad1.0

GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may vary...

Astra Linux - уязвимость в exempi

The XMP Toolkit version 2020.1 and earlier versions is affected by a null pointer dereference vulnerability that could lead to data leakage from certain memory locations and cause a local denial of service in the context of the current user. User interaction is required to exploit this...

gstreamer1 -- multiple vulnerabilities

The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.3 release: Six security vulnerabilities were addressed, including: Bounds check errors in MXF VANC packet handling. Use-after-free in GStreamer core buffer value deserialization. Out-of-bounds read in MXF demuxer...

USN-8205-1 gst-plugins-bad1.0 vulnerabilities

It was discovered that multiple plugins in GStreamer contained arithmetic overflows. An attacker could possibly use this issue to cause applications using the plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-37329, CVE-2023-40474, CVE-2023-40475,...

MiracleLinux 9 : gstreamer1-plugins-bad-free-1.22.1-4.el9 (AXSA:2024-8037:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8037:03 advisory. gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video CVE-2023-40474 gstreamer-plugins-bad:...

MiracleLinux 9 : gstreamer1-plugins-bad-free-1.22.1-2.el9_3 (AXSA:2023-7048:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7048:03 advisory. gstreamer: AV1 codec parser heap-based buffer overflow CVE-2023-44429 gstreamer: MXF demuxer use-after-free vulnerability CVE-2023-44446 Tenable has...

MiracleLinux 8 : gstreamer1-plugins-bad-free-1.16.1-4.el8 (AXSA:2024-8316:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8316:04 advisory. gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video CVE-2023-40474 gstreamer-plugins-bad:...

MiracleLinux 7 : gstreamer-plugins-bad-free-0.10.23-24.el7 (AXSA:2024-7443:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7443:01 advisory. gstreamer: MXF demuxer use-after-free vulnerability CVE-2023-44446 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : gstreamer1-plugins-bad-free-1.16.1-2.el8_9.ML.1 (AXSA:2024-7357:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7357:01 advisory. gstreamer: MXF demuxer use-after-free vulnerability CVE-2023-44446 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : gstreamer1-plugins-bad-free-1.10.4-4.el7 (AXSA:2024-7382:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7382:02 advisory. gstreamer: MXF demuxer use-after-free vulnerability CVE-2023-44446 Tenable has extracted the preceding description block directly from the MiracleLinux...

TencentOS Server 3: gstreamer1-plugins-bad-free (TSSA-2024:0196)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0196 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

EUVD-2018-10709

Malware in sbrugna...

EUVD-2017-5680

Malware in sbrugna...

EUVD-2021-27897

Malicious code in bioql PyPI...

EUVD-2021-29698

Malicious code in bioql PyPI...

EUVD-2023-48786

Malicious code in bioql PyPI...

EUVD-2023-45046

Malicious code in bioql PyPI...

EUVD-2023-45045

Malicious code in bioql PyPI...

Medium: gstreamer-plugins-bad-free

Issue Overview: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0006.html NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/mergerequests/5362 NOTE: Fixed by:...

NewStart CGSL MAIN 7.02 : gstreamer1-plugins-bad-free Multiple Vulnerabilities (NS-SA-2025-0163)

The remote NewStart CGSL host, running version MAIN 7.02, has gstreamer1-plugins-bad-free packages installed that are affected by multiple vulnerabilities: - GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to...