Page 9 of 73 results (0.006 seconds)

CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. GStreamer versiones anteriores a 1.18.4, puede llevar a cabo una lectura fuera de límites al manejar determinadas etiquetas ID3v2 • https://bugzilla.redhat.com/show_bug.cgi?id=1954761 https://security.gentoo.org/glsa/202208-31 https://security.netapp.com/advisory/ntap-20211022-0004 https://www.oracle.com/security-alerts/cpuoct2021.html • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. GStreamer versiones anteriores a 1.18.4, podría causar daños en la pila al analizar determinados archivos Matroska malformado Gstreamer suffers from a use-after-free vulnerability in Matroska demuxing. • http://packetstormsecurity.com/files/162952/Gstreamer-Matroska-Demuxing-Use-After-Free.html https://bugzilla.redhat.com/show_bug.cgi?id=1945342 https://gstreamer.freedesktop.org/security/sa-2021-0003.html https://security.gentoo.org/glsa/202208-31 https://www.debian.org/security/2021/dsa-4900 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. GStreamer versiones anteriores a 1.18.4, podría acceder a la memoria ya liberada en rutas de código de error al demultiplexar determinados archivos Matroska malformados • https://bugzilla.redhat.com/show_bug.cgi?id=1945339 https://gstreamer.freedesktop.org/security/sa-2021-0002.html https://lists.debian.org/debian-lts-announce/2021/04/msg00027.html https://security.gentoo.org/glsa/202208-31 https://www.debian.org/security/2021/dsa-4900 https://access.redhat.com/security/cve/CVE-2021-3497 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 3%CPEs: 6EXPL: 0

GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. GStreamer anterior a la versión 1.16.0 presenta una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) en el parser de conexión RTSP mediante una respuesta de servidor especialmente diseñada, lo que permite potencialmente la ejecución remota de código. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00082.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00049.html https://gstreamer.freedesktop.org/security https://gstreamer.freedesktop.org/security/sa-2019-0001.html https://lists.debian.org/debian-lts-announce/2019/04/msg00030.html https://lists.debian.org/debian-lts-announce/2019/04/msg00031.html https://seclists.org/bugtraq/2019/Apr& • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 1%CPEs: 1EXPL: 0

The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file. La función gst_aac_parse_sink_setcaps en gst/audioparsers/gstaacparse.c en gst-plugins-good en GStreamer en versiones anteriores a 1.10.3 permite a atacantes remotos provocar una denegación de servicio (lectura de memoria no válida y caída) a través de un archivo de audio manipulado. • http://www.debian.org/security/2017/dsa-3820 http://www.openwall.com/lists/oss-security/2017/02/01/7 http://www.openwall.com/lists/oss-security/2017/02/02/9 http://www.securityfocus.com/bid/96001 https://access.redhat.com/errata/RHSA-2017:2060 https://bugzilla.gnome.org/show_bug.cgi?id=775450 https://gstreamer.freedesktop.org/releases/1.10/#1.10.3 https://lists.debian.org/debian-lts-announce/2020/05/msg00029.html https://security.gentoo.org/glsa/201705- • CWE-125: Out-of-bounds Read •