Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

11 – 20 of 32 results

CVE-2016-9447

Medium priority
Fixed

The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.

1 affected packages

gst-plugins-bad0.10

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-bad0.10 Not in release
Show less packages

CVE-2016-9446

Medium priority
Fixed

The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated...

2 affected packages

gst-plugins-bad0.10, gst-plugins-bad1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-bad0.10 Not in release
gst-plugins-bad1.0 Fixed
Show less packages

CVE-2016-9445

Medium priority
Fixed

Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.

2 affected packages

gst-plugins-bad0.10, gst-plugins-bad1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-bad0.10 Not in release
gst-plugins-bad1.0 Fixed
Show less packages

CVE-2016-9813

Low priority

Some fixes available 15 of 18

The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

2 affected packages

gst-plugins-bad0.10, gst-plugins-bad1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-bad0.10 Not in release Not in release Not in release Not in release Not in release
gst-plugins-bad1.0 Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2016-9812

Low priority

Some fixes available 15 of 18

The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section.

2 affected packages

gst-plugins-bad0.10, gst-plugins-bad1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-bad0.10 Not in release Not in release Not in release Not in release Not in release
gst-plugins-bad1.0 Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2016-9809

Low priority

Some fixes available 16 of 20

Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.

2 affected packages

gst-plugins-bad0.10, gst-plugins-bad1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-bad0.10 Not in release Not in release Not in release Not in release Not in release
gst-plugins-bad1.0 Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2015-0797

Medium priority

Some fixes available 3 of 4

GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or...

1 affected packages

gst-plugins-bad0.10

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-bad0.10
Show less packages

CVE-2013-4234

Medium priority
Ignored

Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash)...

2 affected packages

gst-plugins-bad0.10, libmodplug

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-bad0.10 Not in release Not in release
libmodplug Not affected Not affected
Show less packages

CVE-2013-4233

Medium priority
Ignored

Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which...

2 affected packages

gst-plugins-bad0.10, libmodplug

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-bad0.10 Not in release Not in release
libmodplug Not affected Not affected
Show less packages

CVE-2011-2915

Medium priority

Some fixes available 4 of 6

Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS...

2 affected packages

gst-plugins-bad0.10, libmodplug

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gst-plugins-bad0.10
libmodplug
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. Next page
Export to JSON