Search CVE reports
11 – 20 of 32 results
CVE-2016-9447
Medium priorityThe ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.
1 affected packages
gst-plugins-bad0.10
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gst-plugins-bad0.10 | — | — | — | — | Not in release |
CVE-2016-9446
Medium priorityThe vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated...
2 affected packages
gst-plugins-bad0.10, gst-plugins-bad1.0
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gst-plugins-bad0.10 | — | — | — | — | Not in release |
gst-plugins-bad1.0 | — | — | — | — | Fixed |
CVE-2016-9445
Medium priorityInteger overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.
2 affected packages
gst-plugins-bad0.10, gst-plugins-bad1.0
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gst-plugins-bad0.10 | — | — | — | — | Not in release |
gst-plugins-bad1.0 | — | — | — | — | Fixed |
CVE-2016-9813
Low prioritySome fixes available 15 of 18
The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
2 affected packages
gst-plugins-bad0.10, gst-plugins-bad1.0
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gst-plugins-bad0.10 | Not in release | Not in release | Not in release | Not in release | Not in release |
gst-plugins-bad1.0 | Fixed | Fixed | Fixed | Fixed | Vulnerable |
CVE-2016-9812
Low prioritySome fixes available 15 of 18
The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section.
2 affected packages
gst-plugins-bad0.10, gst-plugins-bad1.0
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gst-plugins-bad0.10 | Not in release | Not in release | Not in release | Not in release | Not in release |
gst-plugins-bad1.0 | Fixed | Fixed | Fixed | Fixed | Vulnerable |
CVE-2016-9809
Low prioritySome fixes available 16 of 20
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
2 affected packages
gst-plugins-bad0.10, gst-plugins-bad1.0
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gst-plugins-bad0.10 | Not in release | Not in release | Not in release | Not in release | Not in release |
gst-plugins-bad1.0 | Fixed | Fixed | Fixed | Fixed | Vulnerable |
CVE-2015-0797
Medium prioritySome fixes available 3 of 4
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or...
1 affected packages
gst-plugins-bad0.10
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gst-plugins-bad0.10 | — | — | — | — | — |
CVE-2013-4234
Medium priorityMultiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash)...
2 affected packages
gst-plugins-bad0.10, libmodplug
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gst-plugins-bad0.10 | — | — | — | Not in release | Not in release |
libmodplug | — | — | — | Not affected | Not affected |
CVE-2013-4233
Medium priorityInteger overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which...
2 affected packages
gst-plugins-bad0.10, libmodplug
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gst-plugins-bad0.10 | — | — | — | Not in release | Not in release |
libmodplug | — | — | — | Not affected | Not affected |
CVE-2011-2915
Medium prioritySome fixes available 4 of 6
Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS...
2 affected packages
gst-plugins-bad0.10, libmodplug
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gst-plugins-bad0.10 | — | — | — | — | — |
libmodplug | — | — | — | — | — |