Lucene search
K

12 matches found

Cvelist
Cvelist
added 2026/06/16 12:34 a.m.28 views

CVE-2026-1765 Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and potential information disclosure via crafted mp3 files

A flaw was found in the tracker-extract-mp3 component of GNOME localsearch previously known as tracker-miners. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denia...

5.6CVSS0.00139EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-4436

Malware in sbrugna...

5.5CVSS5.5AI score0.00691EPSS
Exploits0References3
OSV
OSV
added 2024/11/27 12:46 p.m.9 views

USN-7092-2 mpg123 vulnerability

USN-7092-1 fixed a vulnerability in mpg123. Bastien Roucariès discovered that the fix was incomplete on Ubuntu 20.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that mpg123 incorrectly handled certain mp3 files. If a user or...

6.7CVSS6AI score0.00348EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:44 a.m.4 views

SUSE CVE-2017-9545

The nexttext function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service buffer over-read via a crafted mp3 file...

5.5CVSS6.7AI score0.01167EPSS
Exploits1References3
OSV
OSV
added 2021/12/15 7:15 a.m.2 views

DEBIAN-CVE-2021-40826

Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled by Clementine...

7.8CVSS8.2AI score0.01181EPSS
Exploits1References1
NVD
NVD
added 2019/11/26 4:15 a.m.18 views

CVE-2019-15971

A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of certain MP3 file types. An attacker...

5.8CVSS4.8AI score0.00452EPSS
Exploits0References1
CNVD
CNVD
added 2019/03/18 12:0 a.m.2 views

Free MP3 CD Ripper Buffer Overflow Vulnerability (CNVD-2019-07812)

Free MP3 CD Ripper is an audio format converter. A stack buffer overflow vulnerability exists in Free MP3 CD Ripper version 2.6. A remote attacker can exploit this vulnerability to execute arbitrary code via specially crafted .mp3 files...

7.8CVSS8.3AI score0.07959EPSS
Exploits2References1
OSV
OSV
added 2017/09/07 2:29 p.m.5 views

CVE-2017-12912

The "mpglibDBL/layer3.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a read access violation when opening a crafted MP3 file...

5.5CVSS6.5AI score
Exploits0References1
OSV
OSV
added 2017/09/07 2:29 p.m.1 views

DEBIAN-CVE-2017-12911

The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a stack memory corruption when opening a crafted MP3 file...

5.5CVSS7AI score0.00851EPSS
Exploits0References1
OSV
OSV
added 2017/07/27 6:29 a.m.2 views

DEBIAN-CVE-2017-9545

The nexttext function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service buffer over-read via a crafted mp3 file...

5.5CVSS6AI score0.01167EPSS
Exploits1References1
CNVD
CNVD
added 2015/04/03 12:0 a.m.2 views

Mozilla Firefox Arbitrary Code Execution Vulnerability (CNVD-2015-02207)

Mozilla Firefox is a web browser developed by the Mozilla Foundation in conjunction with the open source community. Mozilla Firefox has a security vulnerability. It allows attackers to construct malicious MP3 files and trick users into parsing them for arbitrary code execution or denial of servic...

7.5CVSS7.5AI score0.04672EPSS
Exploits0References1
OSV
OSV
added 2013/12/24 8:55 p.m.10 views

CVE-2012-6618

The avprobeinputbuffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service crash via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate."...

6.5AI score
Exploits0References6
Rows per page
Query Builder