Malicious code in mp3-file-zip-d-ownload-82223-cage-tropical-48dqs-lilnlq (npm)

The package mp3-file-zip-d-ownload-82223-cage-tropical-48dqs-lilnlq was found to contain malicious code...

MAL-2025-26812 Malicious code in mp3-file-zip-d-ownload-the-liberty-of-norton-folgate-5wxzq-azpyay (npm)

The package mp3-file-zip-d-ownload-the-liberty-of-norton-folgate-5wxzq-azpyay was found to contain malicious code...

CVE-2025-43277

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.8, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted audio file may lead to memory corruption...

CVE-2025-43277

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.8. Processing a maliciously crafted audio file may lead to memory corruption...

CVE-2025-43277

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.8, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted audio file may lead to memory corruption...

CVE-2025-43277

CVE-2025-43277 affects CoreAudio on macOS Sonoma. The issue is a memory handling weakness that can lead to memory corruption when processing a malicious audio file. Apple assigns it as a local attack vector (requires user interaction) with high impact to confidentiality, integrity, and availabili...

CVE-2025-43277

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.8. Processing a maliciously crafted audio file may lead to memory corruption...

CVE-2025-43277

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.8, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted audio file may lead to memory corruption...

PT-2025-31340 · Apple · Macos Sequoia +6

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.6 iPadOS versions prior to 18.6 watchOS versions prior to 11.6 macOS Sequoia versions prior to 15.6 tvOS versions prior to 18.6 visionOS versions prior to 2.6 Description: The issue was addressed with improved memory...

webkitgtk: Out-of-bounds read leading to memory disclosure

An out-of-bounds read flaw was found in WebKitGTK. A specially crafted audio file could use this flaw to trigger a disclosure of memory when processed...

Astra Linux – Vulnerability in ffmpeg

A reachable assertion in FFmpeg’s git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service DoS by opening a crafted AAC file...

CVE-2024-0020

In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files belonging to a different user due to a confused deputy. This could lead to local information disclosure across users of a device with no additional execution privileges needed. User interaction is...

CVE-2023-2457

Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. Chromium security severity: High...

CVE-2023-30207

A divide by zero issue discovered in Kodi Home Theater Software 19.5 and earlier allows attackers to cause a denial of service via use of crafted mp3 file...

CVE-2022-25023

Audio File commit 004065d was discovered to contain a heap-buffer overflow in the function fouBytesToInt:AudioFile.h...

CVE-2021-30957

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Processing a maliciously crafted audio file may lead to arbitrary code execution...

CVE-2021-30776

A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Playing a malicious audio file may lead to an unexpected application termination...

CVE-2021-1846

Processing a maliciously crafted audio file may disclose restricted memory. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An out-of-bounds read was addressed with improved input validation...

CVE-2021-30959

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information...

CVE-2021-30960

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Parsing a maliciously crafted audio file may lead to disclosure of user information...