Updated libxmp packages fix security vulnerabilities

CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbisdeinit CVE-2023-45680: Null pointer dereference in vorbisdeinit CVE-2023-45681: Out of bounds heap buffer write CVE-2023-45676: Multi-byte write heap buffer overflow in startdecoder CVE-2023-45677: Heap buffer out of bounds...

CVE-2019-18796

The BASS Audio Library 2.4.14 under Windows is prone to a BASSStreamCreateFile Denial of Service vulnerability infinite loop via a crafted .mp3 file. This weakness could allow attackers to consume excessive CPU and the application becomes unresponsive...

CVE-2019-18794

The BASS Audio Library 2.4.14 under Windows is prone to a BASSStreamCreateFile Use after Free vulnerability via a crafted .ogg file. An attacker can exploit this to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service...

CVE-2019-18795

The BASS Audio Library 2.4.14 under Windows is prone to a BASSStreamCreateFile out of bounds read vulnerability via a crafted .wav file. An attacker can exploit this issues to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of servic...

EUVD-2019-8501

Malware in sbrugna...

EUVD-2019-8500

Malware in sbrugna...

EUVD-2019-8499

Malware in sbrugna...

CVE-2025-21002

Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast...

CVE-2023-32847

In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940...

Fedora: Security Advisory for audiofile (FEDORA-2023-e23e432cb2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2023-2010 · Mozilla · Firefox For Android

Name of the Vulnerable Software and Affected Versions: Firefox for Android versions prior to 110.1.0 Description: The issue is related to a use-after-free vulnerability in the libaudio library of Mozilla Firefox for Android. This vulnerability can be exploited by a remote attacker using a special...

SUSE CVE-2019-7573

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMSADPCM in audio/SDLwave.c inside the wNumCoef loop...

UBUNTU-CVE-2021-23210

A floating point exception divide-by-zero issue was discovered in SoX in functon readsamples of voc.c file. An attacker with a crafted file, could cause an application to crash...

The vulnerability of the psf_binheader_readf() function in the library for reading and writing audio files libsndfile allows a attacker to execute arbitrary code on the target system.

The vulnerability of the psfbinheaderreadf function in the library for reading and writing audio files, libsndfile, is related to buffer overflows in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code on the target system...

CVE-2022-24599

In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero byte...

DEBIAN-CVE-2022-24599

In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero byte...

libsndfile 缓冲区错误漏洞

libsndfile is an AC library for reading and writing sound files containing sampled audio data. A security vulnerability exists in libsndfile, which can be exploited by an attacker to perform a heap buffer overflow attack...

USN-4806-1 mpg123 vulnerability

It was discovered that mpg123 failed to handle certain malformed mp3 files. An attacker could use this vulnerability to potentially leak sensitive information or cause a crash...

LodaRAT Windows Malware Now Also Targets Android Devices

A previously known Windows remote access Trojan RAT with credential-stealing capabilities has now expanded its scope to set its sights on users of Android devices to further the attacker's espionage motives. "The developers of LodaRAT have added Android as a targeted platform," Cisco Talos...

CVE-2019-18796

The BASS Audio Library 2.4.14 under Windows is prone to a BASSStreamCreateFile Denial of Service vulnerability infinite loop via a crafted .mp3 file. This weakness could allow attackers to consume excessive CPU and the application becomes unresponsive...