Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gstreamer vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-3497
GStreamer prior to 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.
Gstreamer Project Gstreamer
Redhat Enterprise Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 8.0
6.8
CVSSv2
CVE-2021-3498
GStreamer prior to 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.
Gstreamer Project Gstreamer
Redhat Enterprise Linux 7.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 8.0
7.5
CVSSv2
CVE-2021-3185
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.
Freedesktop Gst-plugins-bad
5
CVSSv2
CVE-2020-6095
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger...
Gstreamer Project Gst-rtsp-server 1.14.5
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
5
CVSSv2
CVE-2013-7324
Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote malicious users to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existing practices for GNOME de...
Webkitgtk Webkitgtk
6.8
CVSSv2
CVE-2019-9928
GStreamer prior to 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
Gstreamer Project Gstreamer
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
6.8
CVSSv2
CVE-2018-7263
The mad_decoder_run() function in decoder.c in Underbit libmad up to and including 0.15.1b allows remote malicious users to cause a denial of service (SIGABRT because of double free or corruption) or possibly have unspecified other impact via a crafted file. NOTE: this may overla...
Underbit Libmad
4.3
CVSSv2
CVE-2017-5846
The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer prior to 1.10.3 allows remote malicious users to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video ...
Gstreamer Project Gstreamer
5
CVSSv2
CVE-2017-5847
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote malicious users to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.
Gstreamer Project Gstreamer
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2014-8154
The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect buffer length declaration for the Gstreamer bindings, which allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which trigger...
Gnome Vala 0.26.1
Gnome Vala 0.26.0
Opensuse Opensuse 13.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »