Filtered by vendor Gstreamer Project
Subscribe
Total
31 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-9445 | 1 Gstreamer Project | 1 Gstreamer | 2020-02-24 | 5.0 MEDIUM | 7.5 HIGH |
Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow. | |||||
CVE-2017-5839 | 1 Gstreamer Project | 1 Gstreamer | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX. | |||||
CVE-2017-5844 | 1 Gstreamer Project | 1 Gstreamer | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file. | |||||
CVE-2017-5837 | 1 Gstreamer Project | 1 Gstreamer | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file. | |||||
CVE-2017-5843 | 1 Gstreamer Project | 1 Gstreamer | 2018-01-04 | 5.0 MEDIUM | 7.5 HIGH |
Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf. | |||||
CVE-2017-5838 | 1 Gstreamer Project | 1 Gstreamer | 2018-01-04 | 5.0 MEDIUM | 7.5 HIGH |
The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string. | |||||
CVE-2017-5845 | 1 Gstreamer Project | 1 Gstreamer | 2018-01-04 | 5.0 MEDIUM | 7.5 HIGH |
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag. | |||||
CVE-2017-5842 | 1 Gstreamer Project | 1 Gstreamer | 2018-01-04 | 4.3 MEDIUM | 5.5 MEDIUM |
The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager.smi. | |||||
CVE-2017-5841 | 1 Gstreamer Project | 1 Gstreamer | 2018-01-04 | 5.0 MEDIUM | 7.5 HIGH |
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags. | |||||
CVE-2016-9447 | 1 Gstreamer Project | 1 Gstreamer | 2018-01-04 | 6.8 MEDIUM | 7.8 HIGH |
The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file. | |||||
CVE-2016-10199 | 1 Gstreamer Project | 1 Gstreamer | 2018-01-04 | 5.0 MEDIUM | 7.5 HIGH |
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value. |