Sebastian Dröge

2 exploits Active since Feb 2017
CVE-2017-5847 WRITEUP HIGH WRITEUP
GStreamer < 1.11.2 - Denial of Service via ASF Demux Extended Content Descriptor Processing
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.
CVSS 7.5
CVE-2018-20843 WRITEUP HIGH WRITEUP
libexpat < 2.2.7 - Denial of Service via XML Names with Excessive Colons
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
CVSS 7.5