UBUNTU-CVE-2024-47545

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...

CVE-2022-47011

...

UBUNTU-CVE-2024-47775

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parseds64 function within gstwavparse.c. The parseds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multipl...

CVE-2024-47835 GHSL-2024-263: Gstreamer NULL-pointer dereference in LRC subtitle parser

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parselrc function within gstsubparse.c. The parselrc function calls strchr to find the character '' in the string line. The pointer returned by this call ...

CVE-2024-47775

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parseds64 function within gstwavparse.c. The parseds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multipl...

GStreamer 缓冲区错误漏洞

GStreamer is the GStreamer open source set of frameworks for processing streaming media. GStreamer suffers from a buffer error vulnerability that stems from an out-of-bounds read vulnerability found in the gstwavparsesmplchunk function in gstwavparse.c. The vulnerability is caused by an...

GStreamer 缓冲区错误漏洞

GStreamer is the GStreamer open source set of frameworks for processing streaming media. GStreamer suffers from a buffer error vulnerability that stems from an out-of-bounds write vulnerability found in the gstssaparseremoveoverridecodes function in the gstssaparse.c file...

GStreamer 代码问题漏洞

GStreamer is an open source set of frameworks for processing streaming media by GStreamer. A code issue vulnerability exists in GStreamer, which stems from a null pointer dereference vulnerability detected in the parselrc function in gstsubparse.c...

GStreamer 代码问题漏洞

GStreamer is an open source set of frameworks for processing streaming media from GStreamer. A code issue vulnerability exists in GStreamer versions prior to 1.24.10, which stems from a null reference vulnerability affecting the qtdemuxparsesbgp function in qtdemux.c. The vulnerability is caused ...

GStreamer 缓冲区错误漏洞

GStreamer is an open source set of frameworks for processing streaming media from GStreamer. A buffer error vulnerability exists in GStreamer versions prior to 1.24.10, which stems from an out-of-bounds read vulnerability found in the qtdemuxparsecontainer function in qtdemux.c. The vulnerability...

GStreamer 缓冲区错误漏洞

GStreamer is an open source set of frameworks for processing streaming media from GStreamer. A buffer error vulnerability exists in GStreamer versions prior to 1.24.10, which stems from an out-of-bounds read detected in the qtdemuxparsesamples function in qtdemux.c. The vulnerability is caused by...

GStreamer 缓冲区错误漏洞

GStreamer is a GStreamer open source set of frameworks for processing streaming media. GStreamer suffers from a buffer error vulnerability that stems from an out-of-bounds read vulnerability found in the parseds64 function in gstwavparse.c. The vulnerability is a result of an out-of-bounds read...

PT-2024-41090 · Git +1 · Shaderc

Name of the Vulnerable Software and Affected Versions: glslang affected versions not specified Description: The software contains a heap-buffer-overflow read issue. The crash occurs during the parseShaderStrings function within the glslang::HlslParseContext. This function is called by...

PT-2024-41091 · Git +1 · Shaderc

Name of the Vulnerable Software and Affected Versions: glslang affected versions not specified Description: The software suffers from an unknown read crash occurring within the glslang library. The crash state involves the glslang::TInfoSinkBase::location, glslang::TParseContextBase::outputMessag...

OESA-2024-2498 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: FFmpeg n6.1.1 is Intege...

The vulnerability of the openvswitch component in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the openvswitch component in the Linux operating system is related to insufficient validation of input data in the parseicmpv6 function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Parse() function in the Golang programming language, related to integer overflow, allows attackers to cause a service failure.

The vulnerability of the Parse function in the Golang programming language is related to an infinite loop with integer overflow. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

SUSE CVE-2024-29645

Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parsedie function...

kernel: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc

A vulnerability was found in the Linux kernel's amdgpu driver in the amdgpuvceringparsecs function where the size variable is initialized with a pointer that may not be properly set before use. This issue could lead to unpredictable behavior in the system...

SUSE CVE-2024-35366

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...