Page 3 of 44 results (0.006 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite. Desbordamiento de enteros en el elemento avidemux en la función gst_avi_demux_invert que permite una escritura excesiva de la pila mientras se analizan archivos avi. Potencial para la ejecución de código arbitrario a través de la sobreescritura de la pila. A flaw was found in GStreamer. • https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1224 https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html https://www.debian.org/security/2022/dsa-5204 https://access.redhat.com/security/cve/CVE-2022-1921 https://bugzilla.redhat.com/show_bug.cgi?id=2130949 • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. GStreamer versiones anteriores a 1.18.4, puede llevar a cabo una lectura fuera de límites al manejar determinadas etiquetas ID3v2 • https://bugzilla.redhat.com/show_bug.cgi?id=1954761 https://security.gentoo.org/glsa/202208-31 https://security.netapp.com/advisory/ntap-20211022-0004 https://www.oracle.com/security-alerts/cpuoct2021.html • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. GStreamer versiones anteriores a 1.18.4, podría causar daños en la pila al analizar determinados archivos Matroska malformado Gstreamer suffers from a use-after-free vulnerability in Matroska demuxing. • http://packetstormsecurity.com/files/162952/Gstreamer-Matroska-Demuxing-Use-After-Free.html https://bugzilla.redhat.com/show_bug.cgi?id=1945342 https://gstreamer.freedesktop.org/security/sa-2021-0003.html https://security.gentoo.org/glsa/202208-31 https://www.debian.org/security/2021/dsa-4900 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. GStreamer versiones anteriores a 1.18.4, podría acceder a la memoria ya liberada en rutas de código de error al demultiplexar determinados archivos Matroska malformados • https://bugzilla.redhat.com/show_bug.cgi?id=1945339 https://gstreamer.freedesktop.org/security/sa-2021-0002.html https://lists.debian.org/debian-lts-announce/2021/04/msg00027.html https://security.gentoo.org/glsa/202208-31 https://www.debian.org/security/2021/dsa-4900 https://access.redhat.com/security/cve/CVE-2021-3497 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 2%CPEs: 6EXPL: 0

GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. GStreamer anterior a la versión 1.16.0 presenta una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) en el parser de conexión RTSP mediante una respuesta de servidor especialmente diseñada, lo que permite potencialmente la ejecución remota de código. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00082.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00049.html https://gstreamer.freedesktop.org/security https://gstreamer.freedesktop.org/security/sa-2019-0001.html https://lists.debian.org/debian-lts-announce/2019/04/msg00030.html https://lists.debian.org/debian-lts-announce/2019/04/msg00031.html https://seclists.org/bugtraq/2019/Apr& • CWE-787: Out-of-bounds Write •