Lucene search
K

15 matches found

Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-38024

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse ds64 function within gstwavparse.c. The parse ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing...

9.1CVSS6.7AI score0.01161EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.14 views

Amazon Linux 2 : gstreamer-plugins-good, --advisory ALAS2-2026-3250 (ALAS-2026-3250)

The version of gstreamer-plugins-good installed on the remote host is prior to 0.10.31-20. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3250 advisory. An out-of-bounds read in the WAV parser that can cause crashes for certain input files. CVE-2026-1940 Tenable has...

7.5CVSS7.3AI score0.00225EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/24 12:30 a.m.10 views

EUVD-2026-14551

An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gstwavparseadtlchunk function. The patch added a size validation check lsize + 8 size, but it does not account for the GSTROUNDUP2lsize used in the actual offset calculation. When lsize is an odd number, the parser advances more...

7.5CVSS5.8AI score0.00839EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/23 9:26 p.m.8 views

CVE-2026-1940

An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gstwavparseadtlchunk function. The patch added a size validation check lsize + 8 size, but it does not account for the GSTROUNDUP2lsize used in the actual offset calculation. When lsize is an odd number, the parser advances more...

7.5CVSS6.7AI score0.00839EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/03 7:49 p.m.1 views

CVE-2026-29022 mackron / dr_libs dr_wav.h Heap Buffer Overflow via WAV File

drlibs drwav.h version 0.14.4 and earlier fixed in commit 8a7258c contain a heap buffer overflow vulnerability in the drwavreadsmpltometadataobj function of drwav.h that allows memory corruption via crafted WAV files. Attackers can exploit a mismatch between sampleLoopCount validation in pass 1 a...

7.3CVSS6AI score0.00207EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2024/12/19 12:0 a.m.5 views

The vulnerability of the gst_wavparse_adtl function in the Gstreamer multimedia framework, which allows a hacker to cause a service failure.

The vulnerability of the gstwavparseadtlchunk multimedia framework in Gstreamer is related to reading beyond the permitted range of memory. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.8CVSS6.6AI score0.00839EPSS
Exploits0References13Affected Software8
OSV
OSV
added 2024/12/12 12:0 a.m.4 views

UBUNTU-CVE-2024-47777

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gstwavparsesmplchunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is...

9.1CVSS7.2AI score0.01161EPSS
Exploits0References5
OSV
OSV
added 2022/08/25 8:15 p.m.4 views

AZL-44017 CVE-2021-33844 affecting package sox 14.4.2.0-34

A floating point exception divide-by-zero issue was discovered in SoX in functon startread of wav.c file. An attacker with a crafted wav file, could cause an application to crash...

5.5CVSS6.7AI score0.00457EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/10/26 12:0 a.m.5 views

PT-2021-4866 · Adobe · Audition

Name of the Vulnerable Software and Affected Versions: Adobe Audition versions 14.4 and earlier Description: The issue is related to a memory corruption vulnerability when parsing a WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is...

9.3CVSS7.9AI score0.01645EPSS
Exploits0References5
securityvulns
securityvulns
added 2014/12/23 12:0 a.m.43 views

SoX buffer overflows

Buffer overflows on wav parsing...

7.5CVSS5AI score0.07709EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2011/07/09 12:0 a.m.51 views

foobar2000 integer overflow

Integer overflow on WAV parsing...

4.9AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2009/08/17 12:0 a.m.20 views

Easy Music Player buffer overflow

Buffer overflow on WAV parsing...

4.7AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2008/12/29 12:0 a.m.44 views

Microsoft Windows Media Player buffer overflow

Buffer overflow on WAV parsing...

5AI score
Exploits0References1
securityvulns
securityvulns
added 2008/12/26 12:0 a.m.30 views

Microsoft Windows Media Player integer overflow

Integer overflow on WAV parsing...

5.4AI score
Exploits0References1
securityvulns
securityvulns
added 2007/06/22 12:0 a.m.33 views

VLC media player multiple security vulnerabilities

Format string vulnerabilities in Ogg Vorbis and Ogg Theora comments parsing, CDDA data, SAP/SDP discovery service. Integer overflow and uninitialized variables on WAV parsing...

9.3CVSS4.4AI score0.17079EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder