High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-19	CVE-2022-1924	Integer Overflow or Wraparound vulnerability in multiple products DOS / potential heap overwrite in mkv demuxing using lzo decompression. local low complexity gstreamer-project debian CWE-190	7.8
2022-07-19	CVE-2022-1925	Integer Overflow or Wraparound vulnerability in multiple products DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. local low complexity gstreamer-project debian CWE-190	7.8
2022-07-19	CVE-2022-2122	Integer Overflow or Wraparound vulnerability in multiple products DOS / potential heap overwrite in qtdemux using zlib decompression. local low complexity gstreamer-project debian CWE-190	7.8
2021-04-19	CVE-2021-3498	Out-of-bounds Write vulnerability in multiple products GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. local low complexity gstreamer-project redhat debian CWE-787	7.8
2021-04-19	CVE-2021-3497	Use After Free vulnerability in multiple products GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. local low complexity gstreamer-project redhat debian CWE-416	7.8
2020-03-27	CVE-2020-6095	NULL Pointer Dereference vulnerability in multiple products An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. network low complexity gstreamer-project opensuse CWE-476	7.5
2019-04-24	CVE-2019-9928	Out-of-bounds Write vulnerability in multiple products GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. network low complexity gstreamer-project debian canonical CWE-787	8.8
2017-02-09	CVE-2017-5848	Out-of-bounds Read vulnerability in multiple products The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing. network low complexity gstreamer-project debian redhat CWE-125	7.5
2017-02-09	CVE-2017-5847	Out-of-bounds Read vulnerability in multiple products The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors. network low complexity gstreamer-project debian CWE-125	7.5
2017-02-09	CVE-2017-5845	Out-of-bounds Read vulnerability in Gstreamer Project Gstreamer The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag. network low complexity gstreamer-project CWE-125	7.5