SUSE-SU-2026:21854-1 Security update for localsearch

This update for localsearch fixes the following issues: - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files. bsc1257606 - CVE-2026-1765: Fixed a Denial of Service and potential information disclosure via crafted MP3 files...

Ventis MediaMonkey 安全漏洞

Ventis MediaMonkey is a multi-functional music player software developed by the Czech company Ventis. Version 4.1.23 of Ventis MediaMonkey contains a security vulnerability. This vulnerability stems from a buffer overflow issue when opening specially crafted MP3 files, which could allow local...

CVE-2026-32889

A flaw was found in tinytag, a Python library for reading audio file metadata. An attacker who can supply specially crafted MP3 files for parsing can trigger a non-terminating loop within the library. This can cause the parsing operation to stop making progress, leading to a Denial of Service DoS...

Improper Null Termination

Overview Affected versions of this package are vulnerable to Improper Null Termination via the madrwavstrlen function. An attacker can cause memory access violations and application crashes by submitting specially crafted WAV files that exploit improper null-termination handling in the coding...

USN-7092-1 mpg123 vulnerability

It was discovered that mpg123 incorrectly handled certain mp3 files. If a user or automated system were tricked into opening a specially crafted mp3 file, a remote attacker could use this issue to cause mpg123 to crash, resulting in a denial of service, or possibly execute arbitrary code...

Important: audiofile

Issue Overview: Buffer overflow in the afReadFrames function in audiofile aka libaudiofile and Audio File Library allows user-assisted remote attackers to cause a denial of service program crash or possibly execute arbitrary code via a crafted audio file, as demonstrated by...

SUSE CVE-2017-7742

In libsndfile before 1.0.28, an error in the "flacbuffercopy" function flac.c can be exploited to cause a segmentation violation with read memory access via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585...

USN-5749-1 libsamplerate vulnerability

Erik de Castro Lopo and Agostino Sarubbo discovered that libsamplerate did not properly perform bounds checking. If a user were tricked into processing a specially crafted audio file, an attacker could possibly use this issue to cause a crash...

Apple macOS Big Sur 缓冲区错误漏洞

Apple macOS Big Sur is a mobile application app from Apple USA Inc. Apple macOS Big Sur CoreAudio suffers from a buffer error vulnerability that originates from parsing maliciously crafted audio files that could lead to the disclosure of user information. The following products and versions are...

Apple macOS Big Sur 缓冲区错误漏洞

Apple macOS Big Sur is a mobile application app from Apple USA Inc. Apple macOS Big Sur CoreAudio suffers from a buffer error vulnerability that originates from parsing maliciously crafted audio files that could lead to the disclosure of user information. The following products and versions are...

Apple tvOS 缓冲区错误漏洞

Apple tvOS is an operating system for Smart TVs from Apple, Inc. tvOS suffers from a buffer error vulnerability that stems from a boundary condition in the audio subsystem. A remote attacker could exploit the vulnerability could create a specially crafted audio file, trick a victim into opening i...

Apple CoreAudio Buffer Error Vulnerability

Apple CoreAudio is an American Apple component for processing audio in macOS devices. A security vulnerability exists in Apple CoreAudio, where processing of maliciously crafted audio files may result in arbitrary code execution. The following products and versions are affected: macOS Mojave...

AZL-44172 CVE-2015-7747 affecting package audiofile for versions less than 0.3.6-27

Buffer overflow in the afReadFrames function in audiofile aka libaudiofile and Audio File Library allows user-assisted remote attackers to cause a denial of service program crash or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c...

DEBIAN-CVE-2015-7747

Buffer overflow in the afReadFrames function in audiofile aka libaudiofile and Audio File Library allows user-assisted remote attackers to cause a denial of service program crash or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c...

Huawei EulerOS: Security Advisory for wavpack (EulerOS-SA-2019-2680)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Buffer Overflow Vulnerability in Audio Component of Multiple Apple Products

Apple iOS is an operating system developed for mobile devices.Apple tvOS is a smart TV operating system.Apple macOS Catalina is a specialized operating system developed for Mac computers.Audio is an audio component of the... A buffer error vulnerability exists in the Audio component of several...

libsndfile buffer overflow vulnerability (CNVD-2018-12766)

libsndfile is a C library developed by software developer Erik de Castro Lopo that reads and writes audio files in AIFF, AU, and WAV formats through standard interfaces. A buffer overflow vulnerability exists in the 'psfmemset' function of the common.c file in libsndfile version 1.0.28. A remote...

TagLib Information Disclosure Vulnerability

TagLib is a library for reading and editing audio files such as WAV. A security vulnerability exists in the 'TagLib::Ogg::FLAC::File::scan' function of the oggflacfile.cpp file in TagLib version 1.11.1. A remote attacker can exploit this vulnerability to disclose information heap-based buffer...

MP3Gain 'apetag.c' Memory Corruption Vulnerability

MP3Gain is a volume adjustment application for MP3 files. A security vulnerability exists in the apetag.c file in MP3Gain version 1.5.2.r2. The vulnerability can be exploited to corrupt stack memory with the help of specially crafted MP3 files...

Libav Denial of Service Vulnerability (CNVD-2018-07429)

Libav is an open source audio and video processing tools , providing for conversion , manipulation and streaming of various multimedia formats and protocols cross-platform tools and libraries . A denial of service vulnerability exists in the stereoprocessing function in libavcodec/aacps.c in Liba...