330 matches found
[SECURITY] [DLA 4644-1] libmatio security update
Debian LTS Advisory DLA-4644-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson June 24, 2026 https://wiki.debian.org/LTS Package : libmatio Version : 1.5.23-2+deb12u1 CVE ID : CVE-2025-2337 CVE-2025-2338 CVE-2025-50343 Debian Bug : 1100992 1104247 1124797...
OESA-2026-2353 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. Security Fixes: The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: audiofile (UTSA-2026-017494)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017494 advisory. Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7...
Unity Linux 20.1060e / 20.1070e Security Update: audiofile (UTSA-2026-017495)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017495 advisory. Integer overflow in sfcommands/sfconvert.c in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted file...
OESA-2026-1786 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. Security Fixes: In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial ...
OESA-2026-1785 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. Security Fixes: In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial ...
OESA-2026-1784 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. Security Fixes: In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial ...
OESA-2026-1783 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. Security Fixes: In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial ...
OESA-2026-1782 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. Security Fixes: In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial ...
MiracleLinux 7 : file-5.11-36.el7 (AXSA:2020-4555:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4555:01 advisory. file: out-of-bounds read via a crafted ELF file CVE-2018-10360 Tenable has extracted the preceding description block directly from the MiracleLinux security...
PT-2026-27135
Name of the Vulnerable Software and Affected Versions GNU Binutils versions affected versions not specified Description A flaw exists in the GNU Binutils BFD library, a component used for handling binary files. The issue arises when processing specially crafted XCOFF object files, specifically du...
MATIO 安全漏洞
MATIO is an open source C language library for reading and writing binary MATLAB MAT files by tbeu individual developers. A security vulnerability exists in MATIO version 1.5.28, which stems from a mismatch between the value of nfields in the MatVarCreateStruct function and the actual number of...
RHEL 7 : audiofile (RHSA-2025:23457)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23457 advisory. The Audio File library is an implementation of the Audio File Library from SGI, which provides an API for accessing audio file formats like...
JLSEC-2025-314 A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcro...
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file...
WordPress ERI File Library plugin unauthorized data access vulnerability
The WordPress ERI File Library plugin is a lightweight plugin designed for WordPress to create and publish document galleries, with support for inserting documents via the Gutenberg editor or shortcode. WordPress ERI File Library plugin suffers from an unauthorized data access vulnerability that...
CVE-2025-12041
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...
CVE-2025-12041
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...
EUVD-2025-37323
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...
CVE-2025-12041
The CVE-2025-12041 entry concerns the WordPress ERI File Library plugin up to version 1.1.0, where a missing capability check on the erifl_file AJAX action allows unauthenticated attackers to download files restricted to specific user roles. Affected software: WordPress ERI File Library plugin (v...
CVE-2025-12041 ERI File Library <= 1.1.0 - Missing Authorization to Unauthenticated Protected File Download
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...