141 matches found
Integer overflow
In audio ipi, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558777; Issue ID: ALPS06558777...
CVE-2022-21787
In audio DSP, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558844; Issue ID: ALPS06558844...
CVE-2022-21786
In audio DSP, there is a possible memory corruption due to improper casting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558822; Issue ID: ALPS06558822...
SoX Denial of Service Vulnerability
SoX is a set of audio processing tools. SoX version 14.4.2 contains a denial of service vulnerability that results from an assertion failure in rateinit in rate.c in libsox.a. The vulnerability can be exploited to cause a denial of service. An attacker could exploit this vulnerability to cause a...
new packages: webrtc-audio-processing
An update is available for webrtc-audio-processing. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
webrtc-audio-processing bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
webrtc-audio-processing bug fix and enhancement update
An update is available for webrtc-audio-processing. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
PJSIP 安全漏洞
PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. A security vulnerability exists in PJSIP 2.12 and earlier versions, which originates from playing/reading invalid WAV files...
The vulnerability of the flac_buffer_copy() function in the library for reading and writing audio files from libsndfile allows a attacker to execute arbitrary code on the target system.
The vulnerability of the flacbuffercopy function in the library for reading and writing audio files in libsndfile is related to buffer overflows in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code on the target system...
The vulnerability of Adobe Premiere Rush software, related to the execution of operations beyond buffer boundaries in memory, allows attackers to execute arbitrary code.
The vulnerability of Adobe Premiere Rush relates to the execution of operations beyond the buffer in memory when processing M4A files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
DEBIAN-CVE-2021-30836
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory...
CVE-2021-0663
In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05844458; Issue ID: ALPS05844458...
CVE-2021-30686
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted audio file may disclose restricted memory...
CVE-2021-30742
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted audio file may lead to arbitrary code execution...
Libav Heap Buffer Overflow Vulnerability (CNVD-2021-94921)
Libav is an open source audio and video processing tool that provides cross-platform tools and libraries for converting, manipulating, and streaming various multimedia formats and protocols. vc1decodebmbintfi in vc1block.c in Libav version 12.3 is vulnerable to a heap buffer overflow. An attacker...
CVE-2020-3691
Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2020-10017
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution...
PT-2020-11861 · Apple · Ipados +4
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.0.1 iOS versions prior to 14.2 iPadOS versions prior to 14.2 tvOS versions prior to 14.2 watchOS versions prior to 7.1 Description: An out-of-bounds write issue was addressed with improved input validation. Processi...
PT-2020-16846 · Apple · Ipados +4
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.1 Security Update versions prior to 2020-001 Catalina Security Update versions prior to 2020-007 Mojave macOS Big Sur version 11.0.1 iOS versions prior to 14.2 iPadOS versions prior to 14.2 watchOS versions prior to...
About the security content of watchOS 7.1
About the security content of watchOS 7.1 This document describes the security content of watchOS 7.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...