Lucene search
+L

265 matches found

Cvelist
Cvelist
added 2021/10/27 9:10 p.m.33 views

CVE-2021-25219 Lame cache can be abused to severely degrade resolver performance

In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response...

5.3CVSS5.8AI score0.08001EPSS
Exploits0References10
AlpineLinux
AlpineLinux
added 2021/10/27 9:10 p.m.45 views

CVE-2021-25219

In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response...

5.3CVSS6AI score0.08001EPSS
Exploits0
Debian CVE
Debian CVE
added 2021/10/27 9:10 p.m.65 views

CVE-2021-25219

In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response...

5.3CVSS6.1AI score0.08001EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/10/27 12:0 a.m.70 views

CVE-2021-25219

In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response...

5.3CVSS6.4AI score0.08001EPSS
Exploits0References4
OSV
OSV
added 2021/10/27 12:0 a.m.4 views

UBUNTU-CVE-2021-25219

In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response...

5.3CVSS6.4AI score0.08001EPSS
Exploits0References5
Veracode
Veracode
added 2020/05/10 11:26 p.m.18 views

Denial Of Service (DoS)

lame is vulnerable to denial of service DoS. The vulnerability exists as the unpackreadsamples function in frontend/getaudio.c in LAME 3.99.5 allows remote attackers to cause a denial of service invalid memory read and application crash via a crafted wav file...

5.5CVSS5.2AI score0.03966EPSS
Exploits3References2Affected Software1
Veracode
Veracode
added 2020/05/10 11:22 p.m.20 views

Denial Of Service (DoS)

lame is vulnerable to denial of service. An attacker is able to crash the application, and potentially execute arbitrary code on the system due to a division-by-zero vulnerability caused by a malicious input file...

9.8CVSS5AI score0.02464EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2020/05/10 11:21 p.m.18 views

Denial Of Service (DoS)

lame is vulnerable to denial of service DoS. The vulnerability exists as the fillbufferresample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted audio file...

5.5CVSS5AI score0.01441EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2020/05/10 11:21 p.m.15 views

Denial Of Service (DoS)

lame is vulnerable to denial of service DoS. The vulnerability exists as the lameinitparams function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service invalid read and application crash via a crafted audio file with a negative sample rate...

5.5CVSS5.7AI score0.01422EPSS
Exploits0References2Affected Software1
ossfuzz
ossfuzz
added 2019/03/26 2:18 a.m.22 views

lame/fuzzer-encoder: Heap-buffer-overflow in do_copy_buffer

Project: https://svn.code.sf.net/p/lame/svn/trunk/lame Detailed report: https://oss-fuzz.com/testcase?key=5717291922096128 Project: lame Fuzzer: libFuzzerlamefuzzer-encoder Fuzz target binary: fuzzer-encoder Job Type: libfuzzerasanlame Platform Id: linux Crash Type: Heap-buffer-overflow WRITE Cra...

6.8AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/02/28 12:0 a.m.43 views

openSUSE Security Update : lame (openSUSE-2018-214)

This update for lame fixes the following issues : Lame was updated to version 3.100 : - Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection - New switch --gain , range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the u...

9.8CVSS6.8AI score0.0979EPSS
Exploits8References24
OpenVAS
OpenVAS
added 2018/02/27 12:0 a.m.26 views

openSUSE: Security Advisory for lame (openSUSE-SU-2018:0544-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.3AI score0.0979EPSS
Exploits8References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/02/26 12:9 p.m.269 views

Security update for lame (important)

This update for lame fixes the following issues: Lame was updated to version 3.100: Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection New switch --gain decibel, range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the...

7.5CVSS6.3AI score0.0979EPSS
Exploits8References12
OPENSUSE Linux
OPENSUSE Linux
added 2018/02/26 12:7 p.m.59 views

Security update for lame (important)

This update for lame fixes the following issues: Lame was updated to version 3.100: Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection New switch --gain decibel, range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the...

7.5CVSS6.3AI score0.0979EPSS
Exploits8References12
OSV
OSV
added 2018/02/26 7:35 a.m.8 views

OPENSUSE-SU-2018:0543-1 Security update for lame

This update for lame fixes the following issues: Lame was updated to version 3.100: Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection New switch --gain , range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the use of...

9.8CVSS6AI score0.0979EPSS
Exploits8References25
OSV
OSV
added 2018/02/26 7:35 a.m.10 views

OPENSUSE-SU-2018:0544-1 Security update for lame

This update for lame fixes the following issues: Lame was updated to version 3.100: Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection New switch --gain , range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the use of...

9.8CVSS6AI score0.0979EPSS
Exploits8References25
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.16 views

Fedora 27 : lame (2017-2e2dc86bc6)

Update to 3.100 1470202, 1505107 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...

5.5CVSS7.2AI score0.01422EPSS
Exploits0References2
Mageia
Mageia
added 2017/12/01 11:13 p.m.47 views

Updated lame packages fix security vulnerabilities

LAME 3.100 has been released including fixes to security vulnerabilities. Note the MP3 patents have expired...

9.8CVSS2.1AI score0.0979EPSS
Exploits6References2
OSV
OSV
added 2017/12/01 11:13 p.m.16 views

MGASA-2017-0434 Updated lame packages fix security vulnerabilities

LAME 3.100 has been released including fixes to security vulnerabilities. Note the MP3 patents have expired...

9.8CVSS6.4AI score0.0979EPSS
Exploits6References3
OpenVAS
OpenVAS
added 2017/11/23 12:0 a.m.24 views

Fedora Update for lame FEDORA-2017-38830f1443

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6AI score0.03966EPSS
Exploits10References2
Rows per page
Query Builder