Gstreamer Project

Gstreamer

80 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.6

CVE-2025-47808

Exploit
  • EPSS 0.11%
  • Published 07.08.2025 00:00:00
  • Last modified 12.08.2025 16:40:02

In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.

5.5

CVE-2025-47807

Exploit
  • EPSS 0.02%
  • Published 07.08.2025 00:00:00
  • Last modified 12.08.2025 16:40:33

In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.

5.6

CVE-2025-47806

Exploit
  • EPSS 0.09%
  • Published 07.08.2025 00:00:00
  • Last modified 12.08.2025 16:40:42

In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.

8.1

CVE-2025-47219

Exploit
  • EPSS 0.11%
  • Published 07.08.2025 00:00:00
  • Last modified 12.08.2025 16:40:49

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.

6.6

CVE-2025-47183

Exploit
  • EPSS 0.02%
  • Published 07.08.2025 00:00:00
  • Last modified 12.08.2025 16:40:56

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure.

7.8

CVE-2025-6663

  • EPSS 0.05%
  • Published 07.07.2025 14:58:01
  • Last modified 14.08.2025 13:44:33

GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to ex...

7.8

CVE-2025-2759

  • EPSS 0.01%
  • Published 22.05.2025 00:57:49
  • Last modified 13.08.2025 16:29:40

GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of GStreamer. An attacker must first obtain the ability to execute low-priv...

8.8

CVE-2025-3887

  • EPSS 0.22%
  • Published 22.05.2025 00:47:04
  • Last modified 13.08.2025 15:57:22

GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to ex...

7.5

CVE-2024-47835

  • EPSS 0.17%
  • Published 12.12.2024 02:03:43
  • Last modified 18.12.2024 19:45:03

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parse_lrc function within gstsubparse.c. The parse_lrc function calls strchr() to find the character ']' in...

9.1

CVE-2024-47834

  • EPSS 0.25%
  • Published 12.12.2024 02:03:43
  • Last modified 18.12.2024 19:43:02

GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GST_MATROSKA_ID_CODECPRIVATE case with...