Home › Packages › AlmaLinux:8 › gstreamer1-plugins-bad-freegstreamer1-plugins-bad-free (AlmaLinux:8) — known CVEs & security advisories Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:8 package gstreamer1-plugins-bad-free, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (12) CVE-2018-7263 — CVSS 9.8 (critical) : The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service…CVE-2023-40474 — CVSS 8.8 (high) : GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…CVE-2023-40475 — CVSS 8.8 (high) : GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…CVE-2023-40476 — CVSS 8.8 (high) : GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to…CVE-2023-44446 — CVSS 8.8 (high) : GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…CVE-2025-3887 — CVSS 8.8 (high) : GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to…CVE-2026-3085 — CVSS 8.8 (high) : GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to…CVE-2026-3083 — CVSS 8.8 (high) : GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…CVE-2026-2923 — CVSS 7.8 (high) : GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…CVE-2026-3082 — CVSS 7.8 (high) : GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…CVE-2026-2920 — CVSS 7.8 (high) : GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…CVE-2026-2921 — CVSS 7.8 (high) : GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…