851 matches found
CVE-2026-32836
drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...
UBUNTU-CVE-2026-32836
drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...
CVE-2026-32836 mackron / dr_libs dr_flac.h Excessive Memory Allocation in PICTURE Metadata Parsing
drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...
CVE-2026-32836
CVE-2026-32836 affects dr_libs up to version 0.13.3, where drflac__read_and_decode_metadata() can trigger uncontrolled memory allocation via crafted PICTURE metadata blocks. Attackers can set attacker-controlled mimeLength and descriptionLength to cause memory exhaustion and denial of service whi...
CVE-2026-32836 mackron / dr_libs dr_flac.h Excessive Memory Allocation in PICTURE Metadata Parsing
drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...
Fedora 42 : SDL2_sound (2026-bfa5bd0004)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bfa5bd0004 advisory. Latest upstream snapshot from stable-2.0 branch. Fixes CVE-2025-14369 in bundled drflac. Tenable has extracted the preceding description block directly from...
Advisory ROSA-SA-2026-3144
Software: flac 1.3.2 OS: ROSA Virtualization 3.1 unaffected versions = flac-1.3.2-9.rv31.1 affected versions flac-1.3.2-9.rv31.1 CVE-ID: CVE-2020-22219 BDU-ID: 2023-06152 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the bitwritergrow in function of the FLAC audio codec is related to an operation...
Advisory ROSA-SA-2026-3139
Software: flac 1.3.2 OS: ROSA Virtualization 3.0 unaffected versions = flac-1.3.2-9.rv30.1 affected versions flac-1.3.2-9.rv30.1 CVE-ID: CVE-2020-22219 BDU-ID: 2023-06152 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the bitwritergrow in function of the FLAC audio codec is related to an operation...
Advisory ROSA-SA-2026-3134
Software: flac 1.3.2 OS: ROSA Virtualization 2.1 unaffected versions = flac-1.3.2-9.rv3.1 affected versions flac-1.3.2-9.rv3.1 CVE-ID: CVE-2020-22219 BDU-ID: 2023-06152 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the bitwritergrow in function of the FLAC audio codec is related to an operation...
Linux Distros Unpatched Vulnerability : CVE-2025-14369
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC...
CVE-2025-14369
A flaw was found in drflac, an audio decoder within the drlibs toolset. This integer overflow vulnerability occurs due to the tool trusting the totalPCMFrameCount field from FLAC Free Lossless Audio Codec metadata without proper buffer size calculation. An attacker can exploit this by providing a...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the totalPCMFrameCount field from FLAC metadata before buffer size calculation. An attacker can cause a program crash or resource exhaustion by providing a specially crafted file. Remediation A fix was...
CVE-2025-14369
drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...
DEBIAN-CVE-2025-14369
drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...
CVE-2025-14369
drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...
UBUNTU-CVE-2025-14369
drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...
CVE-2025-14369
drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...
CVE-2025-14369 CVE-2025-14369
drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...
CVE-2025-14369 CVE-2025-14369
drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...
CVE-2025-14369
CVE-2025-14369 affects dr_flac, the FLAC audio decoder in the dr_libs toolset. A vulnerability arises from an integer overflow caused by trusting the totalPCMFrameCount field from FLAC metadata when calculating the buffer size, which can allow a specially crafted FLAC file to cause a Denial of Se...