Lucene search
K

23 matches found

NVD
NVD
added 2026/06/16 2:16 a.m.14 views

CVE-2026-1764

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead to a heap buffer overflow. This vulnerability allows a remote attacker...

5.6CVSS0.00209EPSS
Exploits2References2
CVE
CVE
added 2026/06/16 12:34 a.m.21 views

CVE-2026-1767

CVE-2026-1767 affects GNOME localsearch’s MP3 Extractor (tracker-extract-mp3). The issue is a heap buffer overflow when parsing MP3 ID3 tags, caused by incorrect length calculations for performer tags, leading to potential DoS from a crash or information disclosure. Connected advisories reference...

8.1CVSS5.6AI score0.00246EPSS
Exploits1References2Affected Software2
EUVD
EUVD
added 2026/06/16 12:34 a.m.8 views

EUVD-2026-37028

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

5.6CVSS5.6AI score0.00246EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/16 12:34 a.m.40 views

CVE-2026-1766 Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and information disclosure via malformed mp3 files.

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...

5.6CVSS0.00158EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/06/16 12:34 a.m.4 views

CVE-2026-1765

A flaw was found in the tracker-extract-mp3 component of GNOME localsearch previously known as tracker-miners. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denia...

5.6CVSS5.5AI score0.00139EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/16 12:34 a.m.29 views

CVE-2026-1765 Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and potential information disclosure via crafted mp3 files

A flaw was found in the tracker-extract-mp3 component of GNOME localsearch previously known as tracker-miners. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denia...

5.6CVSS0.00139EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/16 12:32 a.m.5 views

CVE-2026-1764

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead to a heap buffer overflow. This vulnerability allows a remote attacker...

5.6CVSS5.7AI score0.00209EPSS
Exploits2
CVE
CVE
added 2026/06/16 12:32 a.m.38 views

CVE-2026-1764

The CVE-2026-1764 to CVE-2026-1767 family affects GNOME localsearch (tracker-miners) MP3 extraction. Root cause: a missing bounds check in extract_performers_tags when parsing MP3 files (ID3v2.x), enabling a heap buffer overflow. Impact: Denial of Service (remote or local depending on context) vi...

5.6CVSS5.6AI score0.00209EPSS
Exploits2References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.4 views

Amazon Linux 2023 : tracker-miners (ALAS2023-2026-1580)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1580 advisory. A flaw was found in GNOME localsearch MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead ...

8.1CVSS6.2AI score0.00246EPSS
Exploits4References10
Tenable Nessus
Tenable Nessus
added 2026/03/22 12:0 a.m.3 views

Fedora 43 : localsearch (2026-ba6641558a)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ba6641558a advisory. Add a patch for several CVEs: CVE-2026-1764 - Heap Buffer Overflow in GNOME localsearch MP3 Extractor CVE-2026-1765 - Heap Buffer Overflow in GNOME...

8.1CVSS5.9AI score0.00246EPSS
Exploits4References5
UbuntuCve
UbuntuCve
added 2026/02/03 12:0 a.m.4 views

CVE-2026-1764

Heap Buffer Overflow in GNOME localsearch MP3 Extractor...

5.8AI score0.00209EPSS
Exploits2References2
OSV
OSV
added 2026/02/03 12:0 a.m.3 views

UBUNTU-CVE-2026-1764

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead to a heap buffer overflow. This vulnerability allows a remote attacker...

5.6CVSS6.2AI score0.00209EPSS
Exploits2References3
OSV
OSV
added 2026/02/03 12:0 a.m.4 views

UBUNTU-CVE-2026-1766

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...

6.1CVSS6.1AI score0.00158EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/02/03 12:0 a.m.7 views

CVE-2026-1767

Heap Buffer Overflow in GNOME localsearch MP3 Extractor...

5.8AI score0.00246EPSS
Exploits1References2
OSV
OSV
added 2026/02/03 12:0 a.m.5 views

UBUNTU-CVE-2026-1765

A flaw was found in the tracker-extract-mp3 component of GNOME localsearch previously known as tracker-miners. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denia...

5.6CVSS6AI score0.00139EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-1767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker- extract-mp3 component. A remote attacker could exploit this...

8.1CVSS5.8AI score0.00246EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.7 views

GNOME localsearch 安全漏洞

GNOME localsearch is a file search engine developed under the GNU General Public License. GNOME localsearch has a security vulnerability, which stems from an error in length calculation during the MP3 Extractor tracker-extract-mp3 process. This error may lead to heap buffer overflows,...

5.9AI score0.00246EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 p.m.5 views

CVE-2020-0321

In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155171907...

8.8CVSS8.7AI score0.00714EPSS
Exploits0References1
OSV
OSV
added 2020/09/17 9:15 p.m.3 views

CVE-2020-0321

In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155171907...

8.8CVSS7.8AI score0.00714EPSS
Exploits0References1
NVD
NVD
added 2020/09/17 9:15 p.m.21 views

CVE-2020-0321

In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155171907...

8.8CVSS0.00714EPSS
Exploits0References1
Rows per page
Query Builder