CVE-2021-3522
- EPSS 5.37%
- Veröffentlicht 02.06.2021 15:15:07
- Zuletzt bearbeitet 28.05.2026 20:16:20
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
CVE-2021-3497
- EPSS 1.22%
- Veröffentlicht 19.04.2021 21:15:13
- Zuletzt bearbeitet 17.03.2026 15:52:33
GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.
CVE-2021-3498
- EPSS 1.77%
- Veröffentlicht 19.04.2021 21:15:13
- Zuletzt bearbeitet 17.03.2026 15:52:33
GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.
CVE-2019-9928
- EPSS 5.96%
- Veröffentlicht 24.04.2019 15:29:02
- Zuletzt bearbeitet 17.03.2026 15:52:33
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
CVE-2017-5837
- EPSS 2.53%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.
CVE-2017-5838
- EPSS 4.57%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.
CVE-2017-5839
- EPSS 4.48%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vect...
CVE-2017-5840
- EPSS 4.72%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.
CVE-2017-5841
- EPSS 3.82%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags.
CVE-2017-5842
- EPSS 2.2%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager....