141 matches found
CVE-2019-8850
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may disclose...
CVE-2020-9889
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution...
CVE-2020-9884
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution...
PT-2020-20835 · Apple · Macos Catalina +4
Name of the Vulnerable Software and Affected Versions: Apple iOS versions prior to 13.6 Apple iPadOS versions prior to 13.6 Apple macOS Catalina versions prior to 10.15.6 Apple tvOS versions prior to 13.4.8 Apple watchOS versions prior to 6.2.8 Description: An out-of-bounds write issue was...
About the security content of tvOS 13.4.8
About the security content of tvOS 13.4.8 This document describes the security content of tvOS 13.4.8. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
The vulnerability of Google Chrome’s audio file processing mechanism, related to the disclosure of information during data processing, allows a perpetrator to gain unauthorized access to confidential data.
The vulnerability of Google Chrome’s audio file processing mechanism is related to the disclosure of information during data processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to confidential data through a created HTML page...
Arbitrary Code Execution
libvorbis is vulnerable to arbitrary code execution. The vulnerability exists in the way libvorbis processed audio data. An attacker could create a carefully crafted OGG audio file in such a way that it could cause an application linked with libvorbis to crash, or execute arbitrary code when it w...
Memory Corruption Vulnerability in PM Designer by Yonghong
PM Designer is a programmable logic controller. A memory corruption vulnerability exists in Yonghong PM Designer when processing MID audio. An attacker can cause the program to crash by constructing a malformed file...
WeChat - Memory Corruption in CAudioJBM::InputAudioFrameToJBM
WeChat - Memory Corruption in CAudioJBM::InputAudioFrameToJBM There is a memory corruption vulnerability in audio processing during a voice call in WeChat. When an RTP packet is processed, there is a call to UnpacketRTP. This function decrements the length of the packet by 12 without checking tha...
WeChat - Memory Corruption in CAudioJBM::InputAudioFrameToJBM
There is a memory corruption vulnerability in audio processing during a voice call in WeChat. When an RTP packet is processed, there is a call to UnpacketRTP. This function decrements the length of the packet by 12 without checking that the packet has at least 12 bytes in it. This leads to a...
CVE-2019-15927
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function buildaudioprocunit in the file sound/usb/mixer.c...
Fedora Update for soundtouch FEDORA-2018-09802a742a
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
MGASA-2019-0127 Updated SDL12 packages fix security vulnerability
This release fixes various buffer overflows when parsing or processing damaged Waveform audio and BMP image files. - Fix CVE-2019-7577 a buffer overread in MSADPCMdecode rhbz1676510 - Fix CVE-2019-7575 a buffer overwrite in MSADPCMdecode rhbz1676744 - Fix CVE-2019-7574 a buffer overread in...
[SECURITY] Fedora 27 Update: soundtouch-2.1.1-1.fc27
SoundTouch is a LGPL-licensed open-source audio processing library for changing the Tempo, Pitch and Playback Rates of audio streams or files. The SoundTouch library is suited for application developers writing sound processing tools that require tempo/pitch control functionality, or just for...
[SECURITY] Fedora 28 Update: soundtouch-2.1.1-1.fc28
SoundTouch is a LGPL-licensed open-source audio processing library for changing the Tempo, Pitch and Playback Rates of audio streams or files. The SoundTouch library is suited for application developers writing sound processing tools that require tempo/pitch control functionality, or just for...
[SECURITY] Fedora 29 Update: soundtouch-2.1.1-1.fc29
SoundTouch is a LGPL-licensed open-source audio processing library for changing the Tempo, Pitch and Playback Rates of audio streams or files. The SoundTouch library is suited for application developers writing sound processing tools that require tempo/pitch control functionality, or just for...
About the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
[SECURITY] Fedora 27 Update: soundtouch-2.0.0-6.fc27
SoundTouch is a LGPL-licensed open-source audio processing library for changing the Tempo, Pitch and Playback Rates of audio streams or files. The SoundTouch library is suited for application developers writing sound processing tools that require tempo/pitch control functionality, or just for...
[SECURITY] Fedora 28 Update: soundtouch-2.0.0-6.fc28
SoundTouch is a LGPL-licensed open-source audio processing library for changing the Tempo, Pitch and Playback Rates of audio streams or files. The SoundTouch library is suited for application developers writing sound processing tools that require tempo/pitch control functionality, or just for...
Intel Smart Sound Tech Vulnerable to Three High-Severity Bugs
Intel issued three fixes for bugs that could allow a local attacker to execute code on Intel Core and Atom processor-based PCs. The vulnerabilities are tied to versions of its own Intel Smart Sound Technology, used to boost audio processing for tasks such as voice commands and interactions with...