Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/03 12:0 a.m.17 views

openSUSE 15 Security Update : SDL2_sound (openSUSE-SU-2025:0037-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0037-1 advisory. - Update to release 2.0.4: Update bundled stbvorbis to address CVE-2023-45676, CVE-2023-45677, CVE-2023-45679, CVE-2023-45680, CVE-2023-45681,...

7.8CVSS6.6AI score0.0056EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2025/01/11 12:0 a.m.9 views

Fedora 41 : libxmp (2025-23e4aeeb91)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-23e4aeeb91 advisory. Latest upstream release. Changelog: Fixes: CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbisdeinit CVE-2023-45680: Null...

7.8CVSS6.9AI score0.0056EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2024/05/22 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2024-0186)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.0141EPSS
Exploits1References4
OSV
OSV
added 2024/05/17 11:8 a.m.1 views

OESA-2024-1583 stb security update

Single-file public domain libraries for C/C++. Security Fixes: stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in startdecoder. The root cause is a potential integer overflow in sizeofchar...

9.8CVSS7.6AI score0.0141EPSS
Exploits1References3
NVD
NVD
added 2023/10/21 12:15 a.m.12 views

CVE-2023-45681

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in startdecoder. The root cause is a potential integer overflow in sizeofchar f-commentlistlength which may make setupmalloc allocate less memory...

7.8CVSS8.7AI score0.00518EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2023/10/21 12:15 a.m.16 views

CVE-2023-45681

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in startdecoder. The root cause is a potential integer overflow in sizeofchar f-commentlistlength which may make setupmalloc allocate less memory...

7.8CVSS7.2AI score0.00518EPSS
Exploits0References5
OSV
OSV
added 2023/10/21 12:15 a.m.5 views

UBUNTU-CVE-2023-45681

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in startdecoder. The root cause is a potential integer overflow in sizeofchar f-commentlistlength which may make setupmalloc allocate less memory...

7.8CVSS6.1AI score0.00518EPSS
Exploits0References6
CVE
CVE
added 2023/10/20 11:26 p.m.56 views

CVE-2023-45681

CVE-2023-45681 affects the stb_vorbis library used by stb_vorbis (single-file MIT licensed) for OGG Vorbis processing. A crafted file may trigger a memory write past an allocated heap buffer in start_decoder due to an integer overflow in sizeof(char*) * (f->comment_list_length), causing under-...

7.8CVSS7.7AI score0.00518EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder