Lucene search
+L

1047 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in libstb

stbvorbis is a single-file MIT licensed library for processing OGG Vorbis files. A maliciously crafted file may trigger an out-of-bounds write vulnerability in the line f-vendorlen = char'\0';. The root cause of this issue is that if len read from startdecoder is -1, then len + 1 becomes 0 when...

7.8CVSS7.9AI score0.00759EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under MIT, designed for processing OGG Vorbis files. A properly crafted file may cause a memory allocation failure in the startdecoder function. In such cases, the function returns early; f-commentlist is set to NULL, but f-commentlistlength is not rese...

5.5CVSS6.2AI score0.00531EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may cause memory writes to exceed the allocated heap buffer in startdecoder. The root cause of this issue is a potential integer overflow in sizeofchar f-commentlistlength, which may...

7.8CVSS7.6AI score0.00518EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/18 11:53 a.m.11 views

CVE-2026-34253

A flaw was found in the ogg123 utility of the vorbis-tools package. This buffer underflow vulnerability occurs in the remote control functionality when processing malformed input. A remote attacker could exploit this to cause application crashes and potentially achieve arbitrary code execution...

8.2CVSS6.1AI score0.00515EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/17 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-34253

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This...

8.2CVSS6.2AI score0.00515EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:13 a.m.16 views

SUSE CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

3.3CVSS6AI score0.00515EPSS
Exploits0References3
OSV
OSV
added 2026/05/15 3:16 p.m.6 views

DEBIAN-CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

8.2CVSS6AI score0.00515EPSS
Exploits0References1
NVD
NVD
added 2026/05/15 3:16 p.m.16 views

CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

8.2CVSS0.00515EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/15 3:16 p.m.12 views

CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

8.2CVSS6AI score0.00515EPSS
Exploits0References7
OSV
OSV
added 2026/05/15 3:16 p.m.6 views

UBUNTU-CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

8.2CVSS6AI score0.00515EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/05/15 12:0 a.m.7 views

CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

6AI score0.00515EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/15 12:0 a.m.12 views

CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

8.2CVSS6AI score0.00515EPSS
Exploits0
EUVD
EUVD
added 2026/05/15 12:0 a.m.13 views

EUVD-2026-30545

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

8.2CVSS6AI score0.00515EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/15 12:0 a.m.7 views

CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

8.2CVSS6AI score0.00515EPSS
Exploits0References4
CVE
CVE
added 2026/05/15 12:0 a.m.32 views

CVE-2026-34253

CVE-2026-34253 : A buffer underflow in the ogg123 utility (vorbis-tools 1.4.3) affects the function remotethread in remote.c. The vulnerability occurs in the remote control handling when processing malformed input, causing a stack buffer underflow that can crash the application and potentially en...

8.2CVSS6AI score0.00515EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/15 12:0 a.m.47 views

CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

0.00515EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

vorbis-tools 安全漏洞

Vorbis-tools is an open-source command-line tool developed by the Xiph.Org Foundation for creating and playing Ogg Vorbis files. Version 1.4.3 of vorbis-tools contains a security vulnerability. This vulnerability stems from the remotethread function in the ogg123 tool, which experiences a stack...

8.2CVSS6.1AI score0.00515EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/02 2:26 a.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the setupfree function of the stbvorbis.c file. An attacker can cause resource exhaustion by triggering repeated or malformed calls to this function remotely, potentially leading t...

6.5CVSS5.9AI score0.00439EPSS
Exploits1References2
NVD
NVD
added 2026/04/02 1:16 a.m.4 views

CVE-2026-5317

A security flaw has been discovered in Nothings stb up to 1.22. This affects the function startdecoder of the file stbvorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...

8.8CVSS0.00425EPSS
Exploits1References4
OSV
OSV
added 2026/04/02 1:16 a.m.5 views

DEBIAN-CVE-2026-5317

A security flaw has been discovered in Nothings stb up to 1.22. This affects the function startdecoder of the file stbvorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...

8.8CVSS5.9AI score0.00425EPSS
Exploits1References1
Rows per page
Query Builder