CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в faad2

There is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the SM array is mishandled...

7.8CVSS7.6AI score0.00356EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в ffmpeg5

A flaw was discovered in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to crash when processing certain malformed audio files. While it does not lead to data theft or system control, it can be used to disrupt services a...

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в faad2

An invalid memory address dereference was discovered in the sbrprocesschannel function of libfaad/sbrdec.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. This vulnerability causes a segmentation fault and an application crash, resulting in a denial of service...

5.5CVSS6.7AI score0.00479EPSS

Debian CVE•added 2026/03/30 9:41 p.m.•2 views

CVE-2026-33977

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a malicious RDP server can crash the FreeRDP client by sending audio data in IMA ADPCM format with an invalid initial step index value = 89. The unvalidated step index is read directly from the network and...

6.9CVSS4.7AI score0.00071EPSS

Exploits1

Vulnrichment•added 2026/03/30 9:41 p.m.•2 views

CVE-2026-33977 FreeRDP: DoS via WINPR_ASSERT in IMA ADPCM audio decoder (dsp.c:331)

6.9CVSS5.8AI score0.00071EPSS

CNNVD•added 2026/02/18 12:0 a.m.•3 views

minisat 缓冲区错误漏洞

Minisat is an audio decoder developed by Niklas Sorensson. Versions of Minisat 2.2.0 and earlier contained a buffer error vulnerability. This vulnerability stemmed from improper handling of the parameter variable index in the DIMACS file parser component, which could lead to out-of-bounds reading...

7.8CVSS6AI score0.00013EPSS

Exploits1References6

UbuntuCve•added 2026/01/20 12:15 p.m.•3 views

CVE-2025-14369

drflac, an audio decoder within the drlibs toolset, contains an integer overflow vulnerability flaw due to trusting the totalPCMFrameCount field from FLAC metadata before calculating buffer size, allowing an attacker with a specially crafted file to perform DoS against programs using the tool...

5.5CVSS6.2AI score0.00025EPSS

Exploits0References3

Debian•added 2026/01/16 11:11 p.m.•6 views

[SECURITY] [DLA 4440-1] ffmpeg security update

Debian LTS Advisory DLA-4440-1 [email protected] https://www.debian.org/lts/security/ Carlos Henrique Lima Melara January 16, 2026 https://wiki.debian.org/LTS Package : ffmpeg Version : 7:4.3.9-0+deb11u2 CVE ID : CVE-2023-6603 CVE-2024-36615 CVE-2025-1594 CVE-2025-7700 CVE-2025-9951...

8.8CVSS7.4AI score0.00778EPSS

Exploits2

OSV•added 2025/12/30 12:17 p.m.•2 views

OESA-2025-2907 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: A flaw was found in...

OSV•added 2025/12/30 12:17 p.m.•3 views

OESA-2025-2906 ffmpeg security update

OSV•added 2025/12/30 12:17 p.m.•2 views

OESA-2025-2905 ffmpeg security update

RedhatCVE•added 2025/12/12 8:15 p.m.•1 views

CVE-2025-36937

In AudioDecoder::HandleProduceRequest of audiodecoder.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS7.9AI score0.00178EPSS

NVD•added 2025/12/11 8:15 p.m.•1 views

CVE-2025-36937

9.8CVSS0.00178EPSS

Cvelist•added 2025/12/11 7:35 p.m.•15 views

CVE-2025-36937

0.00178EPSS

CVE•added 2025/12/11 7:35 p.m.•13 views

CVE-2025-36937

CVE-2025-36937 affects the AudioDecoder::HandleProduceRequest path in audio_decoder.cc. The issue is an out-of-bounds write caused by an incorrect bounds check, which could enable remote code execution over the network without user interaction or extra privileges. Multiple connected sources (incl...

9.8CVSS7.6AI score0.00178EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/12/11 12:0 a.m.•1 views

PT-2025-50717

Name of the Vulnerable Software and Affected Versions Adobe affected versions not specified Description An issue exists in the AudioDecoder::HandleProduceRequest function within audio decoder.cc. An incorrect bounds check can lead to an out-of-bounds write, potentially resulting in remote code...

9.8CVSS7.6AI score0.00178EPSS

Exploits0References4

OSV•added 2025/12/01 12:0 a.m.•3 views

PUB-A-417437723

9.8CVSS7.9AI score0.00178EPSS

OpenVAS•added 2025/11/19 12:0 a.m.•2 views

Ubuntu: Security Advisory (USN-7871-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.8AI score0.00106EPSS

OSV•added 2025/11/16 11:19 p.m.•0 views

USN-7871-1 ffmpeg vulnerability

It was discovered that FFmpeg incorrectly handled memory allocation in the ALS audio decoder. If a user was tricked into loading a crafted media file, a remote attacker could possibly use this issue to make FFmpeg crash, resulting in a denial of service...

5.3CVSS6.6AI score0.00106EPSS