CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added yesterday•6 views

PT-2026-48238

6.1AI score

PUB-A-480123693

In multiple functions of VideoRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5AI score

PUB-A-481311295

In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

6.7AI score

PUB-A-479211693

In RtpPacket::decodePacket, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

6AI score

OSV•added 2026/06/01 12:0 a.m.•4 views

PUB-A-481274735

In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score

PUB-A-481652507

In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6AI score

RedHat Linux•added 2026/05/19 6:19 p.m.•5 views

GStreamer: GStreamer: Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay

A flaw was found in GStreamer. This out-of-bounds write vulnerability exists within the rtpqdm2depay element, specifically during the processing of X-QDM Real-time Transport Protocol RTP payload elements. A remote attacker can exploit this by providing malformed user-supplied data to the packetid...

8.8CVSS7.8AI score0.0046EPSS

Tenable Nessus•added 2026/05/14 12:0 a.m.•7 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-base (UTSA-2026-021391)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021391 advisory. GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

8.8CVSS6.3AI score0.0046EPSS

Exploits0References4

Tenable Nessus•added 2026/04/24 12:0 a.m.•0 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-good (UTSA-2026-014314)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014314 advisory. GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

8.8CVSS7.8AI score0.0046EPSS

Exploits0References4

Tenable Nessus•added 2026/04/24 12:0 a.m.•0 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-good (UTSA-2026-014313)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014313 advisory. GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affect...

8.8CVSS7.8AI score0.00253EPSS

Exploits0References4

RedHat Linux•added 2026/04/20 4:13 a.m.•3 views

GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the rtpqdm2depay component allows a remote attacker to execute arbitrary code. The flaw occurs due to insufficient validation of user-supplied data length during the processing of X-QDM Real-time Transport Protocol RT...

8.8CVSS8.4AI score0.00253EPSS

RedHat Linux•added 2026/04/20 2:58 a.m.•4 views

GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay

8.8CVSS8.4AI score0.00253EPSS

Microsoft CVE•added 2026/04/14 8:2 a.m.•1 views

netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp

...

7.8CVSS6.2AI score0.00027EPSS

Exploits0

SUSE CVE•added 2026/04/13 11:26 p.m.•7 views

SUSE CVE-2026-31427

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: fix use of uninitialized rtpaddr in processsdp processsdp declares union nfinetaddr rtpaddr on the stack and passes it to the nfnatsip sdpsession hook after walking the SDP media descriptions. However...

4.5CVSS5.7AI score0.00027EPSS

Exploits0References17

EUVD•added 2026/04/13 3:31 p.m.•1 views

EUVD-2026-21954

5.7AI score0.00027EPSS

Exploits0References7

ATTACKERKB•added 2026/04/13 1:40 p.m.•1 views

CVE-2026-31427

5.8AI score0.00027EPSS

Exploits0References9Affected Software1

CVE•added 2026/04/13 1:40 p.m.•5 views

CVE-2026-31427

The CVE-2026-31427 issue in Linux kernel netfilter/nf_conntrack_sip was fixed by initializing the rtp_addr before calling nf_nat_sip SDP hooks and tracking via a have_rtp_addr flag. If SDP has no m= lines, or contains only inactive/unrecognized media, the code now avoids calling sdp_session with ...

5.5CVSS5.7AI score0.00027EPSS

Exploits0References8Affected Software1

RedHat Linux•added 2026/04/13 2:31 a.m.•3 views

GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay

8.8CVSS8.1AI score0.00253EPSS