Lucene search
K

25 matches found

Amazon
Amazon
added 2025/08/19 12:0 a.m.4 views

Medium: gstreamer-plugins-bad-free

Issue Overview: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0006.html NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/mergerequests/5362 NOTE: Fixed by:...

8.8CVSS7.3AI score0.01871EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/05/22 9:26 a.m.30 views

gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video

A heap-buffer overflow flaw was found in the MXF file demuxer in the GStreamer Plugins Bad when handling malformed files with an uncompressed video. This issue requires user interaction with the library, and could allow a malicious user to cause an integer overflow before allocating the buffer,...

8.8CVSS6.2AI score0.01871EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/30 10:19 a.m.3 views

gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video

A heap-buffer overflow flaw was found in the MXF file demuxer in the GStreamer Plugins Bad when handling malformed files with an uncompressed video. This issue requires user interaction with the library, and could allow a malicious user to cause an integer overflow before allocating the buffer,...

8.8CVSS6.2AI score0.01871EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/04/30 12:0 a.m.39 views

RHEL 9 : gstreamer1-plugins-bad-free (RHSA-2024:2287)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2287 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package...

8.8CVSS7.4AI score0.02009EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2024/02/02 12:0 a.m.19 views

SUSE SLES12: gstreamer / gstreamer-devel / gstreamer-lang / gstreamer-utils / etc (SUSE-SU-2024:0307-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0307-1 advisory. - CVE-2023-40474: Fixed an integer overflow during MXF file parsing bsc1215796. Tenable has extracted the preceding description block direct...

8.8CVSS6.9AI score0.01871EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/03 12:0 a.m.29 views

SUSE SLED15: gstreamer-plugins-bad / gstreamer-plugins-bad-chromaprint / etc (SUSE-SU-2024:0005-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0005-1 advisory. - CVE-2023-44446: Fixed GStreamer MXF File Parsing Use-After-Free bsc1217213. - CVE-2023-40475: Fixed GStreame...

8.8CVSS6.8AI score0.01871EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/12/29 12:0 a.m.22 views

SUSE SLES12: gstreamer / gstreamer-devel / gstreamer-lang / gstreamer-utils / etc (SUSE-SU-2023:4982-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4982-1 advisory. - CVE-2023-40474: Fixed GStreamer MXF File Parsing Integer Overflow bsc1215796. Tenable has extracted the preceding description block direct...

8.8CVSS6.8AI score0.01871EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/12/28 12:0 a.m.23 views

SUSE SLES15: gstreamer / gstreamer-devel / gstreamer-lang / gstreamer-utils / etc (SUSE-SU-2023:4980-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4980-1 advisory. - CVE-2023-40474: Fixed GStreamer MXF File Parsing Integer Overflow bsc1215796. Tenable has extracted the preceding description block direct...

8.8CVSS6.8AI score0.01871EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/12/27 12:0 a.m.35 views

SUSE SLES12: gstreamer-plugins-bad / gstreamer-plugins-bad-devel / etc (SUSE-SU-2023:4972-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4972-1 advisory. - CVE-2023-40475: Fixed GStreamer MXF File Parsing Integer Overflow bsc1215792. Tenable has extracted the preceding description block direct...

8.8CVSS6.8AI score0.01871EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/12/26 12:0 a.m.29 views

SUSE SLES15: gstreamer-plugins-bad / gstreamer-plugins-bad-chromaprint / etc (SUSE-SU-2023:4971-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4971-1 advisory. - CVE-2023-44446: Fixed GStreamer MXF File Parsing Use-After-Free bsc1217213. - CVE-2023-40475: Fixed GStreamer MXF File Parsing...

8.8CVSS6.8AI score0.01871EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/12/23 12:0 a.m.33 views

SUSE SLES15: gstreamer-plugins-bad / gstreamer-plugins-bad-chromaprint / etc (SUSE-SU-2023:4947-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4947-1 advisory. CVE-2023-40475: Fixed GStreamer MXF File Parsing Integer Overflow bsc1215792. Tenable has extracted the preceding description block directly...

8.8CVSS6.8AI score0.01871EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2023/12/14 6:2 p.m.30 views

CVE-2023-40474

A heap-buffer overflow flaw was found in the MXF file demuxer in the GStreamer Plugins Bad when handling malformed files with an uncompressed video. This issue requires user interaction with the library, and could allow a malicious user to cause an integer overflow before allocating the buffer,...

5.5CVSS9.5AI score0.01871EPSS
Exploits0References4
Veracode
Veracode
added 2023/11/30 4:32 p.m.27 views

Heap Buffer Overflow

gst-plugins-bad GStreamer is vulnerable to Heap Buffer Overflow. The vulnerability is caused when handling malformed files with an uncompressed video. This could allow a malicious user to cause an integer overflow before allocating the buffer, triggering a crash or code execution via heap...

8.8CVSS7.2AI score0.01871EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/29 12:0 a.m.27 views

SUSE SLES12: gstreamer-plugins-bad / gstreamer-plugins-bad-devel / etc (SUSE-SU-2023:4597-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4597-1 advisory. - CVE-2023-40474: Fixed integer overflow causing out of bounds writes when handling invalid uncompressed video bsc1215796. -...

8.8CVSS6.8AI score0.02009EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/11/29 12:0 a.m.21 views

SUSE SLES15: gstreamer-plugins-bad / gstreamer-plugins-bad-chromaprint / etc (SUSE-SU-2023:4594-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4594-1 advisory. - CVE-2023-40474: Fixed integer overflow causing out of bounds writes when handling invalid uncompressed video bsc1215796. -...

8.8CVSS6.8AI score0.02009EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/11/29 12:0 a.m.33 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : GStreamer Bad Plugins vulnerabilities (USN-6526-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6526-1 advisory. It was discovered that GStreamer Bad Plugins incorrectly handled certain media files. A remote attacker could use this issue ...

8.8CVSS7.4AI score0.02189EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/11/29 12:0 a.m.26 views

SUSE SLES15: gstreamer-plugins-bad / gstreamer-plugins-bad-devel / etc (SUSE-SU-2023:4596-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4596-1 advisory. - CVE-2023-40474: Fixed integer overflow causing out of bounds writes when handling invalid uncompressed video bsc1215796. -...

8.8CVSS6.8AI score0.02009EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.24 views

SUSE SLES12: gstreamer-plugins-bad / gstreamer-plugins-bad-devel / etc (SUSE-SU-2023:4368-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4368-1 advisory. - CVE-2023-40474: Fixed a remote code execution issue due to improper parsing of H265 encoded video files bsc1215793. Tenable has extracted...

8.8CVSS7.4AI score0.01871EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/04 12:0 a.m.27 views

SUSE SLED15: gstreamer-plugins-bad / gstreamer-plugins-bad-chromaprint / etc (SUSE-SU-2023:4360-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4360-1 advisory. - CVE-2023-40474: Fixed a remote code execution issue due to improper parsing of H265 encoded video files bsc1215793...

8.8CVSS7.4AI score0.01871EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/04 12:0 a.m.22 views

SUSE SLES15 Security Update : gstreamer-plugins-bad (SUSE-SU-2023:4361-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4361-1 advisory. - Integer overflow leading to heap overwrite in MXF file handling with uncompressed video CVE-2023-40474 Note that Nessus has not tested for...

8.8CVSS6.9AI score0.01871EPSS
Exploits0References4
Rows per page
Query Builder