52 matches found
DEBIAN-CVE-2026-6385
A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...
CVE-2026-6385 Ffmpeg: ffmpeg: denial of service and potential arbitrary code execution via signed integer overflow in dvd subtitle parser
A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...
CVE-2026-6385
A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...
CVE-2026-6385
A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...
CVE-2026-6385
FFmpeg vulnerability CVE-2026-6385: a signed integer overflow in the DVD subtitle parser’s fragment reassembly bounds checks can cause a heap out-of-bounds write when processing specially crafted MPEG-PS/VOB media with a malicious DVD subtitle stream. Impact includes denial of service via applica...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the DVD subtitle parser due to a signed-integer overflow in fragment-reassembly bounds checks. An attacker can trigger a heap out-of-bounds write by supplying a specially crafted MPEG-PS/VOB media file,...
Red Hat AI Inference Server 安全漏洞
Red Hat AI Inference Server is a server product developed by Red Hat Inc. for artificial intelligence inference services. There is a security vulnerability in Red Hat AI Inference Server. This vulnerability stems from a symbolic integer overflow in the fragment recombination boundary check of the...
MiracleLinux 9 : gstreamer1-plugins-base-1.22.12-4.el9 (AXSA:2025-10279:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10279:01 advisory. gstreamer1-plugins-base: ID3v2 parser out-of-bounds read and NULL-pointer dereference CVE-2024-47542 gstreamer1-plugins-base: GStreamer has an...
RLSA-2025:7243 Moderate: gstreamer1-plugins-base security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. Security Fixes: gstreamer1-plugins-base: ID3v2 parser out-of-bounds read and NULL-pointer dereference...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2025-47806: Fixed stack buffer overflow in SubRip subtitle parser bsc1244407. CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer...
Security update for gstreamer-0_10-plugins-base
This update for gstreamer-010-plugins-base fixes the following issues: CVE-2025-47808: Fixed stack buffer overflow in SubRip subtitle parser bsc1244404 CVE-2025-47807: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244403 CVE-2025-47806: Fixed NULL-pointer dereference in SubRip...
SUSE-SU-2025:02919-1 Security update for gstreamer-0_10-plugins-base
This update for gstreamer-010-plugins-base fixes the following issues: - CVE-2025-47808: Fixed stack buffer overflow in SubRip subtitle parser bsc1244404 - CVE-2025-47807: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244403 - CVE-2025-47806: Fixed NULL-pointer dereference in...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404. CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. CVE-2025-47806: Fixed stack buffer overflow in SubRip...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404. CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. CVE-2025-47806: Fixed stack buffer overflow in SubRip...
SUSE-SU-2025:02302-1 Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: - CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404. - CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. - CVE-2025-47806: Fixed stack buffer overflow in SubRi...
Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47540: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 CVE-2024-47543: Fixed an out-of-bounds write in...
SUSE-SU-2025:00063-1 Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: - CVE-2024-47540: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 - CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 - CVE-2024-47543: Fixed an out-of-bounds write in...
SUSE-SU-2025:02020-1 Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: - CVE-2024-47538: Fixed stack-buffer overflow in vorbishandleidentificationpacket bnc1234415 - CVE-2024-47600: Fixed out-of-bounds read in gst-discoverer-1.0 commandline tool bnc1234453 - CVE-2024-47615: Fixed out-of-bounds write ...
PT-2025-30627
Name of the Vulnerable Software and Affected Versions GStreamer versions through 1.26.1 Description The tmplayer parse line function within the subparse plugin may dereference a NULL pointer when processing a subtitle file, potentially causing a crash. Recommendations Update to a version beyond...
CLSA-2025-1748639719 gstreamer1-plugins-base: Fix of CVE-2024-47835
CVE-2024-47835: fix NULL-pointer dereference in LRC subtitle parser...