OPENSUSE-SU-2026:20821-1 Security update for localsearch

This update for localsearch fixes the following issues: - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files. bsc1257606 - CVE-2026-1765: Fixed a Denial of Service and potential information disclosure via crafted MP3 files...

Linux Distros Unpatched Vulnerability : CVE-2021-40826

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207...

Linux Distros Unpatched Vulnerability : CVE-2021-40827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Clementine Music Player through 1.3.1 when a GLib 2.0.0 DLL is used is vulnerable to a Read Access Violation on Block Data Move, affecting the MP3 file parsing...

SUSE CVE-2021-40827

Clementine Music Player through 1.3.1 when a GLib 2.0.0 DLL is used is vulnerable to a Read Access Violation on Block Data Move, affecting the MP3 file parsing functionality at memcpy+0x265. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is...

Clementine Denial of Service Vulnerability

Clementine is a multi-platform music player for individual developers running on GNU/Linux, Mac OS X and Windows operating systems. a denial of service vulnerability exists in Clementine Music Player prior to 1.3.1, which stems from a vulnerability to read access conflicts when block data is move...

DEBIAN-CVE-2021-40827

Clementine Music Player through 1.3.1 when a GLib 2.0.0 DLL is used is vulnerable to a Read Access Violation on Block Data Move, affecting the MP3 file parsing functionality at memcpy+0x265. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is...

CVE-2021-40827

Clementine Music Player through 1.3.1 when a GLib 2.0.0 DLL is used is vulnerable to a Read Access Violation on Block Data Move, affecting the MP3 file parsing functionality at memcpy+0x265. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is...

Clementine 缓冲区错误漏洞

Clementine is a multi-platform music player for individual developers running on GNU/Linux, Mac OS X and Windows operating systems. a denial of service vulnerability exists in Clementine Music Player prior to 1.3.1, which stems from a vulnerability to read access conflicts when block data is move...

Updated mpg123 packages fix security vulnerability

The mpg123 package has been updated to version 1.25.12, fixing several issues which could cause it to crash or hang while parsing mp3 files...

Adobe Flash MP3 Parsing COMM Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling...

COWON America jetCast buffer overflow

Buffer overflow on MP3 parsing...

OpenCore / Android memory corruption

Memory corruption on MP3 parsing...

libid3tag: Denial of service

Background libid3tag is an ID3 tag manipulation library. Description Kentaro Oda reported an infinite loop in the file field.c when parsing an MP3 file with an ID3FIELDTYPESTRINGLIST field that ends in '\0'. Impact A remote attacker could entice a user to open a specially crafted MP3 file, possib...

libid3tag library endless loop

Endless loop on MP3 files parsing...