Vulnerabilities > Gstreamer Project > Gstreamer > 1.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-09 | CVE-2017-5838 | Out-of-bounds Read vulnerability in Gstreamer Project Gstreamer The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string. | 7.5 |
| 2017-02-09 | CVE-2017-5837 | Divide By Zero vulnerability in Gstreamer Project Gstreamer The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file. | 5.5 |
| 2017-02-09 | CVE-2016-10199 | Out-of-bounds Read vulnerability in Gstreamer Project Gstreamer The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value. | 7.5 |
| 2017-02-09 | CVE-2016-10198 | Out-of-bounds Read vulnerability in Gstreamer Project Gstreamer The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file. | 5.5 |
| 2017-01-23 | CVE-2016-9446 | Improper Initialization vulnerability in multiple products The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas. | 7.5 |