Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flac project flac vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-22219
Buffer Overflow vulnerability in function bitwriter_grow_ in flac prior to 1.4.0 allows remote malicious users to run arbitrary code via crafted input to the encoder.
Flac Project Flac
4.3
CVSSv2
CVE-2017-6888
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
Flac Project Flac
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
5.8
CVSSv2
CVE-2021-4156
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bou...
Libsndfile Project Libsndfile 1.1.10
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2017-7741
In libsndfile prior to 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Libsndfile Project Libsndfile
4.3
CVSSv2
CVE-2017-7742
In libsndfile prior to 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Libsndfile Project Libsndfile
4.3
CVSSv2
CVE-2017-7585
In libsndfile prior to 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Libsndfile Project Libsndfile
4.3
CVSSv2
CVE-2017-7586
In libsndfile prior to 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Libsndfile Project Libsndfile
7.5
CVSSv2
CVE-2008-0486
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote malicious users to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.
Mplayer Mplayer 1.02rc2
Xine Xine-lib 1.1.10
9.3
CVSSv2
CVE-2008-1161
Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib prior to 1.1.10.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes.
Matroska Demuxer
6.8
CVSSv2
CVE-2007-1387
The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and previous versions, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote malicious users to cause a buffer overflow and possibly execute arbitrary code, a...
Mplayer Mplayer
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »