Lucene search
+L

851 matches found

NVD
NVD
added 2026/03/17 8:16 p.m.7 views

CVE-2026-32836

drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...

6.9CVSS0.00183EPSS
Exploits1References5
OSV
OSV
added 2026/03/17 8:16 p.m.7 views

UBUNTU-CVE-2026-32836

drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...

6.9CVSS5.8AI score0.00183EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/03/17 7:10 p.m.2 views

CVE-2026-32836 mackron / dr_libs dr_flac.h Excessive Memory Allocation in PICTURE Metadata Parsing

drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...

6.9CVSS5.2AI score0.00183EPSS
Exploits1References5
CVE
CVE
added 2026/03/17 7:10 p.m.18 views

CVE-2026-32836

CVE-2026-32836 affects dr_libs up to version 0.13.3, where drflac__read_and_decode_metadata() can trigger uncontrolled memory allocation via crafted PICTURE metadata blocks. Attackers can set attacker-controlled mimeLength and descriptionLength to cause memory exhaustion and denial of service whi...

6.9CVSS5.2AI score0.00183EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/03/17 7:10 p.m.26 views

CVE-2026-32836 mackron / dr_libs dr_flac.h Excessive Memory Allocation in PICTURE Metadata Parsing

drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...

6.9CVSS0.00183EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/03/14 12:0 a.m.3 views

Fedora 42 : SDL2_sound (2026-bfa5bd0004)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bfa5bd0004 advisory. Latest upstream snapshot from stable-2.0 branch. Fixes CVE-2025-14369 in bundled drflac. Tenable has extracted the preceding description block directly from...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2026/02/16 7:14 a.m.30 views

Advisory ROSA-SA-2026-3144

Software: flac 1.3.2 OS: ROSA Virtualization 3.1 unaffected versions = flac-1.3.2-9.rv31.1 affected versions flac-1.3.2-9.rv31.1 CVE-ID: CVE-2020-22219 BDU-ID: 2023-06152 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the bitwritergrow in function of the FLAC audio codec is related to an operation...

7.8CVSS6.2AI score0.00742EPSS
Exploits1
Rosalinux
Rosalinux
added 2026/02/16 7:8 a.m.7 views

Advisory ROSA-SA-2026-3139

Software: flac 1.3.2 OS: ROSA Virtualization 3.0 unaffected versions = flac-1.3.2-9.rv30.1 affected versions flac-1.3.2-9.rv30.1 CVE-ID: CVE-2020-22219 BDU-ID: 2023-06152 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the bitwritergrow in function of the FLAC audio codec is related to an operation...

7.8CVSS6.2AI score0.00742EPSS
Exploits1
Rosalinux
Rosalinux
added 2026/02/16 7:7 a.m.15 views

Advisory ROSA-SA-2026-3134

Software: flac 1.3.2 OS: ROSA Virtualization 2.1 unaffected versions = flac-1.3.2-9.rv3.1 affected versions flac-1.3.2-9.rv3.1 CVE-ID: CVE-2020-22219 BDU-ID: 2023-06152 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the bitwritergrow in function of the FLAC audio codec is related to an operation...

7.8CVSS6.2AI score0.00742EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-14369

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC...

5.5CVSS6.3AI score0.00147EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/20 12:58 p.m.5 views

CVE-2025-14369

A flaw was found in drflac, an audio decoder within the drlibs toolset. This integer overflow vulnerability occurs due to the tool trusting the totalPCMFrameCount field from FLAC Free Lossless Audio Codec metadata without proper buffer size calculation. An attacker can exploit this by providing a...

5.5CVSS5.7AI score0.00147EPSS
Exploits0References4
Snyk
Snyk
added 2026/01/20 12:48 p.m.3 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the totalPCMFrameCount field from FLAC metadata before buffer size calculation. An attacker can cause a program crash or resource exhaustion by providing a specially crafted file. Remediation A fix was...

7.6CVSS5.8AI score0.00147EPSS
Exploits0References2
NVD
NVD
added 2026/01/20 12:15 p.m.6 views

CVE-2025-14369

drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...

5.5CVSS0.00147EPSS
Exploits0References2
OSV
OSV
added 2026/01/20 12:15 p.m.4 views

DEBIAN-CVE-2025-14369

drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/20 12:15 p.m.7 views

CVE-2025-14369

drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...

5.5CVSS6.2AI score0.00147EPSS
Exploits0References3
OSV
OSV
added 2026/01/20 12:15 p.m.5 views

UBUNTU-CVE-2025-14369

drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...

5.5CVSS6AI score0.00147EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/20 11:49 a.m.3 views

CVE-2025-14369

drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...

5.5CVSS5.8AI score0.00147EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/20 11:49 a.m.7 views

CVE-2025-14369 CVE-2025-14369

drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...

5.8AI score0.00147EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/20 11:49 a.m.22 views

CVE-2025-14369 CVE-2025-14369

drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...

0.00147EPSS
Exploits0References1
CVE
CVE
added 2026/01/20 11:49 a.m.41 views

CVE-2025-14369

CVE-2025-14369 affects dr_flac, the FLAC audio decoder in the dr_libs toolset. A vulnerability arises from an integer overflow caused by trusting the totalPCMFrameCount field from FLAC metadata when calculating the buffer size, which can allow a specially crafted FLAC file to cause a Denial of Se...

5.5CVSS5.8AI score0.00147EPSS
Exploits0References2
Rows per page
Query Builder