211 matches found
CVE-2026-1766 Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and information disclosure via malformed mp3 files.
A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...
EUVD-2026-37026
A flaw was found in the tracker-extract-mp3 component of GNOME localsearch previously known as tracker-miners. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denia...
CVE-2026-34028 Unauthenticated direct access to web data in Wertheim SafeController Software exposes files
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an authorization scheme. An unauthenticated attacker can directly access HTTP endpoints to download files from locations such as /Resources/CompanyIdID/Audio/ and...
SUSE-SU-2026:21854-1 Security update for localsearch
This update for localsearch fixes the following issues: - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files. bsc1257606 - CVE-2026-1765: Fixed a Denial of Service and potential information disclosure via crafted MP3 files...
openSUSE 16 Security Update : libsndfile (openSUSE-SU-2026:20787-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20787-1 advisory. This update for libsndfile fixes the following issues - CVE-2025-52194: buffer overflow in the ircamreadheader function of file src/ircam.c when...
SUSE-SU-2026:1968-1 Security update for libsndfile
This update for libsndfile fixes the following issues - CVE-2025-52194: buffer overflow in the ircamreadheader function of file src/ircam.c when processing malformed IRCAM audio files bsc1248458. - CVE-2026-37555: IMA-ADPCM integer overflow bsc1263695...
Astra Linux – Vulnerability in Audacity
In Audacity version 2.3.3, temporary files are saved to the /var/tmp/audacity-$USER directory by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary .au audio files located there...
Directory Traversal
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the webchat audio embedding process. An attacker can access and exfiltrate arbitrary local audio-like files readable by the gateway process by influencing the...
Ventis MediaMonkey 安全漏洞
Ventis MediaMonkey is a multi-functional music player software developed by the Czech company Ventis. Version 4.1.23 of Ventis MediaMonkey contains a security vulnerability. This vulnerability stems from a buffer overflow issue when opening specially crafted MP3 files, which could allow local...
CVE-2026-32889
A flaw was found in tinytag, a Python library for reading audio file metadata. An attacker who can supply specially crafted MP3 files for parsing can trigger a non-terminating loop within the library. This can cause the parsing operation to stop making progress, leading to a Denial of Service DoS...
Improper Null Termination
Overview Affected versions of this package are vulnerable to Improper Null Termination via the madrwavstrlen function. An attacker can cause memory access violations and application crashes by submitting specially crafted WAV files that exploit improper null-termination handling in the coding...
SUSE-SU-2026:0780-1 Security update for tracker-miners
This update for tracker-miners fixes the following issues: - CVE-2026-1764: heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files bsc1257606. - CVE-2026-1765: denial of Service and potential information disclosure via crafted MP3 files bsc1257607. -...
USN-8019-1: tracker-miners vulnerabilities
Fatih Çelik discovered that tracker-miners incorrectly handled certain malformed MP3 files. An attacker could use this issue to cause tracker-miners to crash, resulting in a denial of service, or possibly execute arbitrary code...
PT-2026-6841
Name of the Vulnerable Software and Affected Versions tracker-miners affected versions not specified Description A flaw exists in tracker-miners related to the handling of malformed MP3 files. Specifically, the software incorrectly processes certain MP3 files, potentially leading to a denial of...
Hacktivists claim near-total Spotify music scrape
Hacktivist group Anna’s Archive claims to have scraped almost all of Spotify’s catalog and is now seeding it via BitTorrent, effectively turning a streaming platform into a roughly 300 TB pirate “preservation archive.” On its blog, the group states: “A while ago, we discovered a way to scrape...
Pirate Group Anna’s Archive Copies 256M Spotify Songs in Data Scrape
Spotify has confirmed a massive unauthorised data scrape involving 256 million track records and 86 million audio files. Learn how "Anna’s Archive" bypassed security, and why experts warn against downloading the leaked files...
CVE-2025-65405
A flaw was found in Live555. A use-after-free issue in ADTSAudioFileSource::samplingFrequency allows attackers to cause a denial of service via a specially crafted ADTS/AAC file...
EUVD-2006-2022
Malware in sbrugna...
EUVD-2014-1129
Malware in sbrugna...
EUVD-2021-17693
Malware in sbrugna...