Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

gstreamer_project

Source -

ADPNVD

BOS Name -

N/A

CNA CVEs -

0

ADP CVEs -

2

CISA CVEs -

0

NVD CVEs -

1
Related CVEsRelated ProductsRelated AssignersReports
3Vulnerabilities found
CVE-2024-44331
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.53% / 67.30%
||
7 Day CHG~0.00%
Published-22 Oct, 2024 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests.

Action-Not Available
Vendor-n/agstreamer_project
Product-n/agst-rtsp-server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-50186
Assigner-Zero Day Initiative
ShareView Details
Assigner-Zero Day Initiative
CVSS Score-7.5||HIGH
EPSS-9.18% / 92.73%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 02:14
Updated-17 Mar, 2026 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of metadata within AV1 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22300.

Action-Not Available
Vendor-gstreamerGStreamergstreamer_project
Product-gstreamerGStreamergstreamer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-6095
Assigner-Talos
ShareView Details
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.53% / 67.27%
||
7 Day CHG~0.00%
Published-27 Mar, 2020 | 19:20
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-gstreamer_projectn/aopenSUSE
Product-gst-rtsp-serverbackports_sleleapGStreamer
CWE ID-CWE-690
Unchecked Return Value to NULL Pointer Dereference
CWE ID-CWE-476
NULL Pointer Dereference