Vulnerabilities > Gstreamer Project > Gstreamer > 0.10.9

DATE CVE VULNERABILITY TITLE RISK
2022-07-19 CVE-2022-1921 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files.
local
low complexity
gstreamer-project debian CWE-190
7.8
7.8
2022-07-19 CVE-2022-1922 Integer Overflow or Wraparound vulnerability in multiple products
DOS / potential heap overwrite in mkv demuxing using zlib decompression.
local
low complexity
gstreamer-project debian CWE-190
7.8
7.8
2022-07-19 CVE-2022-1923 Integer Overflow or Wraparound vulnerability in multiple products
DOS / potential heap overwrite in mkv demuxing using bzip decompression.
local
low complexity
gstreamer-project debian CWE-190
7.8
7.8
2022-07-19 CVE-2022-1924 Integer Overflow or Wraparound vulnerability in multiple products
DOS / potential heap overwrite in mkv demuxing using lzo decompression.
local
low complexity
gstreamer-project debian CWE-190
7.8
7.8
2022-07-19 CVE-2022-1925 Integer Overflow or Wraparound vulnerability in multiple products
DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression.
local
low complexity
gstreamer-project debian CWE-190
7.8
7.8
2022-07-19 CVE-2022-2122 Integer Overflow or Wraparound vulnerability in multiple products
DOS / potential heap overwrite in qtdemux using zlib decompression.
local
low complexity
gstreamer-project debian CWE-190
7.8
7.8
2021-06-02 CVE-2021-3522 Out-of-bounds Read vulnerability in multiple products
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
local
low complexity
gstreamer-project netapp oracle CWE-125
5.5
5.5
2021-04-19 CVE-2021-3497 Use After Free vulnerability in multiple products
GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.
local
low complexity
gstreamer-project redhat debian CWE-416
7.8
7.8
2019-04-24 CVE-2019-9928 Out-of-bounds Write vulnerability in multiple products
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
network
low complexity
gstreamer-project debian canonical CWE-787
8.8
8.8
2017-02-09 CVE-2017-5848 Out-of-bounds Read vulnerability in multiple products
The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.
network
low complexity
gstreamer-project debian redhat CWE-125
7.5
7.5