Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flac project flac vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-22219
Buffer Overflow vulnerability in function bitwriter_grow_ in flac prior to 1.4.0 allows remote malicious users to run arbitrary code via crafted input to the encoder.
Flac Project Flac
5.5
CVSSv3
CVE-2017-6888
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
Flac Project Flac
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.1
CVSSv3
CVE-2021-4156
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bou...
Libsndfile Project Libsndfile 1.1.10
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2017-7741
In libsndfile prior to 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Libsndfile Project Libsndfile
5.5
CVSSv3
CVE-2017-7742
In libsndfile prior to 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Libsndfile Project Libsndfile
5.5
CVSSv3
CVE-2017-7585
In libsndfile prior to 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Libsndfile Project Libsndfile
5.5
CVSSv3
CVE-2017-7586
In libsndfile prior to 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Libsndfile Project Libsndfile
NA
CVE-2008-0486
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote malicious users to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.
Mplayer Mplayer 1.02rc2
Xine Xine-lib 1.1.10
NA
CVE-2008-1161
Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib prior to 1.1.10.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes.
Matroska Demuxer
NA
CVE-2007-1246
The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and previous versions, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote malicious users to cause a buffer overflow and possibly execute arbi...
Mplayer Mplayer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »