← Back

Gstreamer

gstreamer

107 CVEs • 4 products

Products (4)

Click to collapse
Toggle
Gstreamer
gstreamer
101 CVEs
Good Plug Ins
good_plug-ins
4 CVEs
Plug Ins
plug-ins
3 CVEs
Orc
orc
1 CVE

CVEs (107)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2015-0797
6Debian
GstreamerGstreamer Project+3 more
15Debian Linux
Enterprise Linux DesktopEnterprise Linux Eus+12 more
May 6, 2026
May 14, 2015
N/A· v4
N/A· v3
6.8 MEDIUM· v2
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application c...Show more
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.Show less
CVE-2009-1932
1Gstreamer
1Good Plug Ins
Apr 23, 2026
Jun 4, 2009
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0...Show more
Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow.Show less
CVE-2009-0586
3Canonical
GstreamerGstreamer Project
3Gstreamer
GstreamerUbuntu Linux
Apr 23, 2026
Mar 14, 2009
N/A· v4
N/A· v3
7.5 HIGH· v2
Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers...Show more
Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a base64 representation, which triggers a heap-based buffer overflow.Show less
CVE-2009-0398
1Gstreamer
1Plug Ins
Apr 23, 2026
Feb 3, 2009
N/A· v4
N/A· v3
9.3 HIGH· v2
Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file.
CVE-2009-0397
1Gstreamer
2Good Plug Ins
Plug Ins
Apr 23, 2026
Feb 3, 2009
N/A· v4
N/A· v3
9.3 HIGH· v2
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, mi...Show more
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file.Show less
CVE-2009-0387
1Gstreamer
2Good Plug Ins
Plug Ins
Apr 23, 2026
Feb 2, 2009
N/A· v4
N/A· v3
9.3 HIGH· v2
Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application...Show more
Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes."Show less
CVE-2009-0386
1Gstreamer
1Good Plug Ins
Apr 23, 2026
Feb 2, 2009
N/A· v4
N/A· v3
9.3 HIGH· v2
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code vi...Show more
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample (ctts) atom data in a malformed QuickTime media .mov file.Show less