58 matches found
Astra Linux – Vulnerability in libstb
STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may cause memory writes to exceed the allocated heap buffer in startdecoder. The root cause of this issue is a potential integer overflow in sizeofchar f-commentlistlength, which may...
CVE-2025-70310
A heap overflow in the vorbistointern function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .ogg file...
CVE-2025-70310
A heap overflow in the vorbistointern function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .ogg file...
CVE-2025-70310
A heap overflow in the vorbistointern function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .ogg file...
CVE-2025-70310
A heap overflow in the vorbistointern function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .ogg file...
CVE-2025-70310
A heap overflow in the vorbistointern function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .ogg file...
EUVD-2026-2746
A heap overflow in the vorbistointern function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .ogg file...
CVE-2025-70310
A heap overflow in the vorbistointern function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .ogg file...
CVE-2019-18794
The BASS Audio Library 2.4.14 under Windows is prone to a BASSStreamCreateFile Use after Free vulnerability via a crafted .ogg file. An attacker can exploit this to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service...
EUVD-2007-4049
Malware in sbrugna...
EUVD-2019-5633
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-14438
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer over-read in xiphPackHeaders in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based...
PT-2026-3067
Name of the Vulnerable Software and Affected Versions GPAC version 2.4.0 Description A heap overflow exists in the vorbis to intern function when processing a crafted .ogg file. This can lead to a Denial of Service DoS. Recommendations At the moment, there is no information about a newer version...
UBUNTU-CVE-2023-47212
A heap-based buffer overflow vulnerability exists in the comment functionality of stb vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
Fedora 40 : oggvideotools (2023-9f6281eaf7)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-9f6281eaf7 advisory. Automatic update for oggvideotools-0.9.1-15.fc40. Changelog Sun Aug 27 2023 Zbigniew Jdrzejewski-Szmek - 0.9.1-15 - Add patch for CVE-2020-21724 rhbz2234728...
CVE-2020-21723
A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service crash via opening of crafted ogg file...
DEBIAN-CVE-2020-21723
A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service crash via opening of crafted ogg file...
DEBIAN-CVE-2020-21724
Buffer Overflow vulnerability in ExtractorInformation function in streamExtractor.cpp in oggvideotools 0.9.1 allows remaote attackers to run arbitrary code via opening of crafted ogg file...
CVE-2020-21723
A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service crash via opening of crafted ogg file...
CVE-2020-21722
Buffer Overflow vulnerability in oggvideotools 0.9.1 allows remote attackers to run arbitrary code via opening of crafted ogg file...