Lucene search
K

193 matches found

OSV
OSV
added 2026/04/27 1:16 p.m.4 views

OPENSUSE-SU-2026:20632-1 Security update for freerdp2

This update for freerdp2 fixes the following issues: Changes in freerdp2: - Update freerdp-3-macro: + Add WINPRATTRMALLOC macro from freerdp 3 - Security fixes for the following issues: CVE-2026-25941: Fixed a out of bounds read bsc1258919 CVE-2026-25942: Fixed a buffer overflow in...

9.8CVSS5.1AI score0.00756EPSS
Exploits20References48
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-14569

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in ggml-org whisper.cpp up to 1.8.2. Affected is the function readaudiodata of the file /whisper.cpp/examples/common-whisper.cpp. T...

5.3CVSS5.6AI score0.00117EPSS
Exploits0References3
CNVD
CNVD
added 2026/04/02 12:0 a.m.4 views

FreeRDP Denial of Service Vulnerability (CNVD-2026-16035)

FreeRDP is an open source Remote Desktop Protocol RDP implementation library and client . A denial of service vulnerability exists in FreeRDP. The vulnerability arises because the IMA ADPCM audio decoding process does not validate the step index parameter, resulting in out-of-bounds access to the...

6.9CVSS5.9AI score0.00256EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/03/30 11:25 p.m.6 views

CVE-2026-33977

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit this vulnerability by sending specially crafted audio data in IMA ADPCM format with an invalid initial step index value. This unvalidated input can cause the FreeRDP client to...

6.9CVSS5.8AI score0.00256EPSS
Exploits1References5
CVE
CVE
added 2026/03/30 9:41 p.m.18 views

CVE-2026-33977

CVE-2026-33977 affects FreeRDP clients with audio redirection (RDPSND) enabled. Before version 3.24.2, a malicious RDP server can crash the client by sending IMA ADPCM audio data with an invalid initial step index (>= 89). The unvalidated step index is read from the network and used to index a...

6.9CVSS5.8AI score0.00256EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/30 9:41 p.m.20 views

CVE-2026-33977 FreeRDP: DoS via WINPR_ASSERT in IMA ADPCM audio decoder (dsp.c:331)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a malicious RDP server can crash the FreeRDP client by sending audio data in IMA ADPCM format with an invalid initial step index value = 89. The unvalidated step index is read directly from the network and...

6.9CVSS0.00256EPSS
Exploits1References2
OSV
OSV
added 2026/03/30 9:41 p.m.5 views

CVE-2026-33977 FreeRDP: DoS via WINPR_ASSERT in IMA ADPCM audio decoder (dsp.c:331)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a malicious RDP server can crash the FreeRDP client by sending audio data in IMA ADPCM format with an invalid initial step index value = 89. The unvalidated step index is read directly from the network and...

6.9CVSS5.9AI score0.00256EPSS
Exploits1References4
CVE
CVE
added 2026/02/21 7:18 a.m.17 views

CVE-2026-27467

CVE-2026-27467 affects BigBlueButton up to version 3.0.19. When first joining a session with the microphone muted, the client sends audio to the server regardless of mute state; the server discards media, so it is not audible to other participants, but a malicious server operator could access the...

2.4CVSS5.5AI score0.00174EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/02/21 12:0 a.m.8 views

BigBlueButton 信息泄露漏洞

BigBlueButton is an open-source web conferencing system developed by the BigBlueButton community. Versions of BigBlueButton 3.0.19 and earlier contained a vulnerability related to information leakage. This vulnerability occurred because the client still sent audio data even when the microphone wa...

2.4CVSS5.8AI score0.00174EPSS
Exploits0References2
OSV
OSV
added 2025/12/12 7:16 p.m.4 views

DEBIAN-CVE-2025-14569

A vulnerability was detected in ggml-org whisper.cpp up to 1.8.2. Affected is the function readaudiodata of the file /whisper.cpp/examples/common-whisper.cpp. The manipulation results in use after free. The attack requires a local approach. The exploit is now public and may be used. The project w...

4.8CVSS5.1AI score0.00117EPSS
Exploits0References1
CVE
CVE
added 2025/12/12 6:2 p.m.91 views

CVE-2025-14569

CVE-2025-14569 affects ggml-org whisper.cpp up to version 1.8.2. The vulnerable component is the read_audio_data function in /whisper.cpp/examples/common-whisper.cpp, with a use-after-free condition reported under local access. Multiple connected sources (NVD, Red Hat, EUVD, Debian tracker, CNVD/...

5.3CVSS5.2AI score0.00117EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/12 6:2 p.m.3 views

CVE-2025-14569 ggml-org whisper.cpp common-whisper.cpp read_audio_data use after free

A vulnerability was detected in ggml-org whisper.cpp up to 1.8.2. Affected is the function readaudiodata of the file /whisper.cpp/examples/common-whisper.cpp. The manipulation results in use after free. The attack requires a local approach. The exploit is now public and may be used. The project w...

5.3CVSS6.1AI score0.00117EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/12/12 6:2 p.m.6 views

CVE-2025-14569

A vulnerability was detected in ggml-org whisper.cpp up to 1.8.2. Affected is the function readaudiodata of the file /whisper.cpp/examples/common-whisper.cpp. The manipulation results in use after free. The attack requires a local approach. The exploit is now public and may be used. The project w...

5.3CVSS5.1AI score0.00117EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.7 views

PT-2025-50961

A vulnerability was detected in ggml-org whisper.cpp up to 1.8.2. Affected is the function read audio data of the file /whisper.cpp/examples/common-whisper.cpp. The manipulation results in use after free. The attack requires a local approach. The exploit is now public and may be used. The project...

5.3CVSS6.3AI score0.00117EPSS
Exploits0References7
OSV
OSV
added 2025/12/01 5:15 p.m.4 views

CVE-2025-65408

A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via supplying a crafted ADTS file...

6.5CVSS5.8AI score0.00259EPSS
Exploits1References2
OSV
OSV
added 2025/12/01 5:15 p.m.6 views

UBUNTU-CVE-2025-65408

A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via supplying a crafted ADTS file...

6.5CVSS5.8AI score0.00259EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-3913

Malware in sbrugna...

4.3CVSS9.3AI score0.01543EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-3205

Malware in sbrugna...

6.8CVSS6.4AI score0.00812EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-17240

Malware in sbrugna...

9.3CVSS7.9AI score0.0047EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-20114

Malware in sbrugna...

6.5CVSS6.6AI score0.00761EPSS
Exploits1References2
Rows per page
Query Builder