Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gstreamer project vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-3498
GStreamer prior to 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.
Gstreamer Project Gstreamer
Redhat Enterprise Linux 7.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 8.0
7.5
CVSSv3
CVE-2020-6095
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger...
Gstreamer Project Gst-rtsp-server 1.14.5
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
8.8
CVSSv3
CVE-2019-9928
GStreamer prior to 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
Gstreamer Project Gstreamer
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
5.5
CVSSv3
CVE-2017-5846
The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer prior to 1.10.3 allows remote malicious users to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video ...
Gstreamer Project Gstreamer
7.5
CVSSv3
CVE-2017-5847
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote malicious users to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.
Gstreamer Project Gstreamer
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2009-1438
Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug prior to 0.8.6, as used in gstreamer-plugins, TTPlayer, and other products, allows context-dependent malicious users to execute arbitrary code via a MED file with a crafted (1) song comment or (...
Konstanty Bialkowski Libmodplug
Konstanty Bialkowski Libmodplug 0.8.4
Konstanty Bialkowski Libmodplug 0.8
NA
CVE-2009-0586
Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) prior to 0.10.23 in GStreamer allows context-dependent malicious users to execute arbitrary code via a crafted COVERART tag...
Gstreamer Project Gstreamer
Canonical Ubuntu Linux 8.10
NA
CVE-2009-0397
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 up to and including 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote malicious users to execute arbi...
Gstreamer Plug-ins 0.8.5
Gstreamer Good Plug-ins 0.10.10
Gstreamer Good Plug-ins 0.10.9
Gstreamer Good Plug-ins 0.10.11
NA
CVE-2009-0386
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 up to and including 0.10.11 might allow remote malicious users to execute arbitrary code via crafted Composition Time To Sample (ctts...
Gstreamer Good Plug-ins 0.10.11
Gstreamer Good Plug-ins 0.10.9
Gstreamer Good Plug-ins 0.10.10
NA
CVE-2009-0387
Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 up to and including 0.10.11 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code...
Gstreamer Good Plug-ins 0.10.10
Gstreamer Good Plug-ins 0.10.11
Gstreamer Good Plug-ins 0.10.9
Gstreamer Plug-ins 0.8.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »