EUVD-2015-6760

Malware in sbrugna...

EUVD-2024-19188

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2015-6823

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The allocatebuffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a deni...

CVE-2025-1051

Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

Sonos Era 300 安全漏洞

Sonos Era 300 is a spatial audio speaker with Dolby Atmos Dolby Atmos from Sonos USA. A security vulnerability exists in Sonos Era 300 that stems from a lack of length validation during ALAC data processing, which could lead to remote code execution...

[SECURITY] Fedora 39 Update: uxplay-1.68.2-3.fc39

An AirPlay2 Mirror and AirPlay2 Audio but not Video server that provides screen-mirroring with audio of iOS/MacOS clients in a display window on the server host which can be shared using a screen-sharing application; Apple Lossless Audio ALAC e.g.,iTunes can be streamed from client to server in...

[SECURITY] Fedora 39 Update: uxplay-1.66-2.fc39

An AirPlay2 Mirror and AirPlay2 Audio but not Video server that provides screen-mirroring with audio of iOS/MacOS clients in a display window on the server host which can be shared using a screen-sharing application; Apple Lossless Audio ALAC e.g.,iTunes can be streamed from client to server in...

CVE-2022-24049

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 S2 systems and 11.2.13 build 57923290 S1 systems. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ALAC audio codec...

FreeBSD : ffmpeg -- multiple vulnerabilities (3d950687-b4c9-4a86-8478-c56743547af8)

NVD reports : The decodeihdrchunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR aka image header chunk in a PNG image, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact v...

FFmpeg allocate_buffers denial of service vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'allocatebuffers' function in the libavcodec/alac.c file in versions of FFmpeg prior to 2.7.2, which stems from the program's failure to initialize...

CVE-2015-6823

The allocatebuffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service segmentation violation or possibly have unspecified other impact via crafted Apple Lossless Audio Codec ALAC data...

UBUNTU-CVE-2015-6823

The allocatebuffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service segmentation violation or possibly have unspecified other impact via crafted Apple Lossless Audio Codec ALAC data...

CVE-2015-6823

The vulnerability CVE-2015-6823 affects FFmpeg’s libavcodec/alac.c:allocate_buffers, where uninitialized context data can be used by crafted ALAC data to trigger a denial of service (segmentation fault) or other impact. This originates from FFmpeg before 2.7.2 failing to initialize certain pointe...

CVE-2013-0856

The lpcprediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec ALAC data, related to a large nbsamples value...

CVE-2013-0855

Integer overflow in the alacdecodeclose function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec ALAC data, which triggers an out-of-bounds array access...

Integer overflow

Integer overflow in the alacdecodeclose function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec ALAC data, which triggers an out-of-bounds array access...

CVE-2013-0856

The lpcprediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec ALAC data, related to a large nbsamples value...

CVE-2013-0855

Integer overflow in the alacdecodeclose function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec ALAC data, which triggers an out-of-bounds array access...

CVE-2013-0856

The vulnerability CVE-2013-0856 affects FFmpeg’s libavcodec ALAC decoding, specifically the lpc_prediction function in alac.c. Before FFmpeg 1.1, crafted ALAC data (related to a large nb_samples) can lead to a remote impact. The issue originates in the ALAC data handling within the lpc_prediction...