Gstreamer

Gstreamer

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.6

CVE-2025-47808

Exploit
  • EPSS 0.11%
  • Veröffentlicht 07.08.2025 00:00:00
  • Zuletzt bearbeitet 12.08.2025 16:40:02

In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.

5.5

CVE-2025-47807

Exploit
  • EPSS 0.02%
  • Veröffentlicht 07.08.2025 00:00:00
  • Zuletzt bearbeitet 12.08.2025 16:40:33

In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.

5.6

CVE-2025-47806

Exploit
  • EPSS 0.09%
  • Veröffentlicht 07.08.2025 00:00:00
  • Zuletzt bearbeitet 12.08.2025 16:40:42

In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.

8.1

CVE-2025-47219

Exploit
  • EPSS 0.11%
  • Veröffentlicht 07.08.2025 00:00:00
  • Zuletzt bearbeitet 12.08.2025 16:40:49

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.

6.6

CVE-2025-47183

Exploit
  • EPSS 0.02%
  • Veröffentlicht 07.08.2025 00:00:00
  • Zuletzt bearbeitet 12.08.2025 16:40:56

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure.

7.8

CVE-2025-6663

  • EPSS 0.05%
  • Veröffentlicht 07.07.2025 14:58:01
  • Zuletzt bearbeitet 14.08.2025 13:44:33

GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to ex...

7.8

CVE-2025-2759

  • EPSS 0.01%
  • Veröffentlicht 22.05.2025 00:57:49
  • Zuletzt bearbeitet 13.08.2025 16:29:40

GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of GStreamer. An attacker must first obtain the ability to execute low-priv...

8.8

CVE-2025-3887

  • EPSS 0.22%
  • Veröffentlicht 22.05.2025 00:47:04
  • Zuletzt bearbeitet 13.08.2025 15:57:22

GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to ex...

9.8

CVE-2016-9636

Exploit
  • EPSS 16.64%
  • Veröffentlicht 27.01.2017 22:59:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'w...

9.8

CVE-2016-9635

Exploit
  • EPSS 16.09%
  • Veröffentlicht 27.01.2017 22:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 's...