73 matches found
CVE-2026-52722
A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...
UBUNTU-CVE-2026-52722
A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...
CVE-2026-52722
GStreamer VMnc decoder in gstreamer1-plugins-bad-free contains a signed integer overflow in cursor payload handling. A crafted VMnc stream with large cursor dimensions can cause signed payload-size arithmetic overflow, bypass a length check, and lead to out-of-bounds reads. This may allow a remot...
CVE-2026-52722 Gstreamer1-plugins-bad-free: gstreamer: signed integer overflow in vmnc decoder cursor payload handling
A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...
CVE-2026-52722 Gstreamer1-plugins-bad-free: gstreamer: signed integer overflow in vmnc decoder cursor payload handling
A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...
CVE-2026-52722
A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...
PT-2026-49338
A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...
Linux Distros Unpatched Vulnerability : CVE-2026-52722
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer...
EUVD-2016-10256
Malware in sbrugna...
EUVD-2016-10255
Malware in sbrugna...
RHEL 7 : gstreamer-plugins-bad-free (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gstreamer: buffer overflow in gsth264sliceparsedecrefpicmarking CVE-2021-3185 - The vmnc decoder in the...
SUSE CVE-2009-2628
The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video...
SUSE CVE-2016-9445
Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service crash via large width and height values, which triggers a buffer overflow...
SUSE CVE-2016-9446
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas...
UBUNTU-CVE-2014-125004
A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decodehextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue...
gstreamer-plugins-bad-free: Missing initialization of allocated heap memory leads to information leak
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas...
EulerOS 2.0 SP1 : gstreamer1-plugins-bad-free (EulerOS-SA-2017-1008)
According to the versions of the gstreamer1-plugins-bad-free package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format...
EulerOS 2.0 SP2 : gstreamer1-plugins-bad-free (EulerOS-SA-2017-1007)
According to the versions of the gstreamer1-plugins-bad-free package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format...
CVE-2016-9445
Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service crash via large width and height values, which triggers a buffer overflow...
CVE-2016-9446
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas...