Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flac vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-22219
Buffer Overflow vulnerability in function bitwriter_grow_ in flac prior to 1.4.0 allows remote malicious users to run arbitrary code via crafted input to the encoder.
Flac Project Flac
5.5
CVSSv3
CVE-2017-6888
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
Flac Project Flac
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
NA
CVE-2007-6277
Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC prior to 1.2.1 allow user-assisted remote malicious users to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size, (4) Picture Descriptio...
Flac Libflac
NA
CVE-2007-6278
Free Lossless Audio Codec (FLAC) libFLAC prior to 1.2.1 allows user-assisted remote malicious users to force a client to download arbitrary files via the MIME-Type URL flag (-->) for the FLAC image file in a crafted .FLAC file.
Flac Libflac
NA
CVE-2007-6279
Multiple double free vulnerabilities in Free Lossless Audio Codec (FLAC) libFLAC prior to 1.2.1 allow user-assisted remote malicious users to execute arbitrary code via malformed (1) Seektable values or (2) Seektable Data Offsets in a .FLAC file.
Flac Libflac
NA
CVE-2014-9028
Heap-based buffer overflow in stream_decoder.c in libFLAC prior to 1.3.1 allows remote malicious users to execute arbitrary code via a crafted .flac file.
Flac Libflac
NA
CVE-2007-4619
Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC prior to 1.2.1, as used in Winamp prior to 5.5 and other products, allow user-assisted remote malicious users to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resul...
Flac Libflac
Nullsoft Winamp
4.3
CVSSv3
CVE-2020-0499
In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: An...
Google Android 11.0
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
5.5
CVSSv3
CVE-2021-0561
In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...
Google Android 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2021-28465
Web Media Extensions Remote Code Execution Vulnerability
Microsoft Web Media Extensions -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »