Page 8 of 73 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. DOS / potencial escritura excesiva de la pila en qtdemux usando descompresión zlib. Desbordamiento de enteros en un elemento de qtdemux en la función qtdemux_inflate que causa un segfault, o podría causar una escritura excesiva de la pila, dependiendo de la libc y el SO. • https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html https://www.debian.org/security/2022/dsa-5204 https://access.redhat.com/security/cve/CVE-2022-2122 https://bugzilla.redhat.com/show_bug.cgi?id=2131018 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however the matroskaparse element has no size checks. DOS / potencial escritura excesiva de la pila en la demuxación de mkv usando la descompresión HEADERSTRIP. Desbordamiento de enteros en el elemento matroskaparse en la función gst_matroska_decompress_data que causa un desbordamiento del montón. • https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html https://www.debian.org/security/2022/dsa-5204 https://access.redhat.com/security/cve/CVE-2022-1925 https://bugzilla.redhat.com/show_bug.cgi?id=2131007 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. • https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html https://www.debian.org/security/2022/dsa-5204 https://access.redhat.com/security/cve/CVE-2022-1922 https://bugzilla.redhat.com/show_bug.cgi?id=2130955 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite. Desbordamiento de enteros en el elemento matroskademux en la función gst_matroska_demux_add_wvpk_header que permite una sobreescritura en el montón mientras se analizan los archivos matroska. Potencial para la ejecución de código arbitrario a través de la sobreescritura de la pila. A flaw was found in GStreamer. • https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1226 https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html https://www.debian.org/security/2022/dsa-5204 https://access.redhat.com/security/cve/CVE-2022-1920 https://bugzilla.redhat.com/show_bug.cgi?id=2130935 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite. Desbordamiento de enteros en el elemento avidemux en la función gst_avi_demux_invert que permite una escritura excesiva de la pila mientras se analizan archivos avi. Potencial para la ejecución de código arbitrario a través de la sobreescritura de la pila. A flaw was found in GStreamer. • https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1224 https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html https://www.debian.org/security/2022/dsa-5204 https://access.redhat.com/security/cve/CVE-2022-1921 https://bugzilla.redhat.com/show_bug.cgi?id=2130949 • CWE-190: Integer Overflow or Wraparound •