CVE-2023-44446 - GStreamer MXF File Parsing Use-After-Free Leads to Remote Code Execution
CVE-2023-44446 is a critical security flaw in GStreamer’s MXF file parsing logic. The vulnerability enables remote attackers to execute arbitrary code on machines that
CVE-2023-40475 - GStreamer MXF File Parsing Integer Overflow RCE Vulnerability Explored
Security researchers recently uncovered a serious vulnerability in the popular open-source multimedia framework, GStreamer. Tracked as CVE-2023-40475 (ZDI-CAN-21661), this flaw enables remote attackers to execute
CVE-2023-40476 - GStreamer H265 Parsing Stack Overflow Leads to Remote Code Execution
GStreamer is a widely-used open source multimedia framework that powers video and audio streaming in many Linux desktop environments and media applications. In August 2023,
CVE-2023-40474 - GStreamer MXF File Parsing Integer Overflow Leading to Remote Code Execution
GStreamer is a widely-used open source multimedia framework. In 2023, a critical security vulnerability was found that allows attackers to execute arbitrary code just by
CVE-2023-37328 - Exploiting a Heap-based Buffer Overflow in GStreamer’s PGS File Parsing
TL;DR:
A critical vulnerability, CVE-2023-37328 (ZDI-CAN-20994), was discovered in GStreamer’s handling of PGS subtitle files. Insufficient validation of user-supplied data can lead to
Episode
00:00:00
00:00:00