Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xiph.org vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-14633
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis().
Xiph.org Libvorbis 1.3.5
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2018-10393
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.
Xiph.org Libvorbis 1.3.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
6.8
CVSSv2
CVE-2018-10392
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote malicious users to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.
Xiph.org Libvorbis 1.3.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
4.3
CVSSv2
CVE-2017-11548
The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote malicious users to cause a denial of service (memory corruption) via a crafted MP3 file.
Xiph Libao 1.2.0
1 EDB exploit
4.3
CVSSv2
CVE-2017-11331
The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote malicious users to cause a denial of service (memory allocation error) via a crafted wav file.
Xiph Vorbis-tools 1.4.0
1 EDB exploit
9.3
CVSSv2
CVE-2009-3389
Integer overflow in libtheora in Xiph.Org Theora prior to 1.1, as used in Mozilla Firefox 3.5 prior to 3.5.6 and SeaMonkey prior to 2.0.1, allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dime...
Mozilla Firefox 3.5.5
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1.14
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.13
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.6
Mozilla Seamonkey 2.0
Mozilla Seamonkey 1.5.0.10
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.15
Mozilla Seamonkey 1.1.4
Mozilla Seamonkey 1.1.9
Mozilla Seamonkey 1.1.5
Mozilla Seamonkey 2.0a1
Mozilla Seamonkey 2.0a1pre
Mozilla Firefox 3.5.1
9.3
CVSSv2
CVE-2008-1686
Array index vulnerability in Speex 1.1.12 and previous versions, as used in libfishsound 0.9.0 and previous versions, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib prior to 1.1.12, and many other products, allows remote malicious users to exec...
Xine Xine-lib 1.1.10
Xine Xine-lib 1.1.1
Xine Xine-lib 0.9.8
Xine Xine-lib 0.9.13
Xine Xine-lib
Xine Xine-lib 1.1.10.1
Xine Xine-lib 1.0
Xine Xine-lib 0.99
Xine Xine-lib 1.1.0
Xine Xine-lib 1.0.3a
Xine Xine-lib 1.1.11
Xine Xine-lib 1.0.2
Xine Xine-lib 1.0.1
Xiph Speex 1.1.9
Xiph Speex 1.1.8
Xiph Speex 1.0.5
Xiph Speex 1.0.3
Xiph Speex 1.1.2
Xiph Speex 1.1.11
Xiph Speex 1.1.10
Xiph Speex 1.1.4
Xiph Speex 1.1.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2