Gstreamer

gstreamer

Vendor: Gstreamer • 101 CVEs

CVEs (101)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-5840 2Gstreamer Gstreamer Project 2Gstreamer Gstreamer May 13, 2026 Feb 9, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current s...Show more The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.Show less
CVE-2017-5839 2Gstreamer Gstreamer Project 2Gstreamer Gstreamer May 13, 2026 Feb 9, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stac...Show more The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX.Show less
CVE-2017-5838 2Gstreamer Gstreamer Project 2Gstreamer Gstreamer May 13, 2026 Feb 9, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.
CVE-2017-5837 2Gstreamer Gstreamer Project 2Gstreamer Gstreamer May 13, 2026 Feb 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a cra...Show more The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.Show less
CVE-2016-10199 2Gstreamer Gstreamer Project 2Gstreamer Gstreamer May 13, 2026 Feb 9, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.
CVE-2016-10198 2Gstreamer Gstreamer Project 2Gstreamer Gstreamer May 13, 2026 Feb 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted...Show more The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.Show less
CVE-2016-9636 3Debian GstreamerRedhat 6Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+3 more May 13, 2026 Jan 27, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (applic...Show more Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.Show less
CVE-2016-9635 3Debian GstreamerRedhat 6Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+3 more May 13, 2026 Jan 27, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (applic...Show more Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.Show less
CVE-2016-9634 3Debian GstreamerRedhat 6Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+3 more May 13, 2026 Jan 27, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (applic...Show more Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.Show less
CVE-2016-9447 2Gstreamer Gstreamer Project 2Gstreamer Gstreamer May 13, 2026 Jan 23, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.
CVE-2016-9446 4Fedoraproject GstreamerGstreamer Project+1 more 9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 more May 13, 2026 Jan 23, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the...Show more The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas.Show less
CVE-2016-9445 2Gstreamer Gstreamer Project 2Gstreamer Gstreamer May 13, 2026 Jan 23, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.
CVE-2016-9813 1Gstreamer 1Gstreamer May 13, 2026 Jan 13, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
CVE-2016-9812 1Gstreamer 1Gstreamer May 13, 2026 Jan 13, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section.
CVE-2016-9811 4Debian FedoraprojectGstreamer+1 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+6 more May 13, 2026 Jan 13, 2017 N/A· v4 4.7 MEDIUM· v3 4.3 MEDIUM· v2 The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
CVE-2016-9810 1Gstreamer 1Gstreamer May 13, 2026 Jan 13, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, w...Show more The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, which triggers an incorrect unref call.Show less
CVE-2016-9809 1Gstreamer 1Gstreamer May 13, 2026 Jan 13, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
CVE-2016-9808 1Gstreamer 1Gstreamer May 13, 2026 Jan 13, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs.
CVE-2016-9807 1Gstreamer 1Gstreamer May 13, 2026 Jan 13, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file.
CVE-2015-0797 6Debian GstreamerGstreamer Project+3 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 May 14, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application c...Show more GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.Show less

Previous 1 2 3 456 Next