88 matches found
[SECURITY] Fedora 42 Update: uxplay-1.73.3-1.fc42
An AirPlay2 Mirror and AirPlay2 Audio but not Video server that provides screen-mirroring with audio of iOS/MacOS clients in a display window on the server host which can be shared using a screen-sharing application; Apple Lossless Audio ALAC e.g.,iTunes can be streamed from client to server in...
CVE-2021-0674
In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064237...
EUVD-2013-0867
Malware in sbrugna...
EUVD-2020-3494
Malware in sbrugna...
EUVD-2013-0866
Malware in sbrugna...
EUVD-2021-3294
Malicious code in bioql PyPI...
EUVD-2021-3293
Malicious code in bioql PyPI...
EUVD-2022-25352
Malicious code in bioql PyPI...
CVE-2025-1051
Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1051 Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability
Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1051 Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability
Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1051
CVE-2025-1051 – Sonos Era 300 RCE via heap-based overflow : The vulnerability affects Sonos Era 300 speakers and stems from improper validation of the length of ALAC data before copying into a heap-based buffer. This allows network-adjacent attackers to execute code with the context of the anacap...
PT-2025-23217 · Sonos · Sonos Era 300
Name of the Vulnerable Software and Affected Versions: Sonos Era 300 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. No authentication is required to exploit this issue. The specific flaw exist...
(Pwn2Own) Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of ALAC data. The issue results from the lack of proper validation of the...
CVE-2024-20009
In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID: ALPS08441150...
CVE-2024-20011
In alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441146; Issue ID: ALPS08441146...
CVE-2022-20092
In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061...
CVE-2021-0675
In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064258...
CVE-2020-11140
Out of bound memory access during music playback with ALAC modified content due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2022-24049
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 S2 systems and 11.2.13 build 57923290 S1 systems. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ALAC audio codec...