Lucene search
K

11 matches found

OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.5 views

Fedora: Security Advisory (FEDORA-2025-82714dbb22)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.0056EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 2:21 a.m.6 views

CVE-2023-45677

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The root cause is that if len read in startdecoder is a negative number and setupmalloc successfully allocates memory in that case, but memor...

7.8CVSS7.1AI score0.00536EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-45677

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The...

7.8CVSS7AI score0.00536EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/02/03 12:0 a.m.17 views

openSUSE 15 Security Update : SDL2_sound (openSUSE-SU-2025:0037-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0037-1 advisory. - Update to release 2.0.4: Update bundled stbvorbis to address CVE-2023-45676, CVE-2023-45677, CVE-2023-45679, CVE-2023-45680, CVE-2023-45681,...

7.8CVSS6.6AI score0.0056EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2025/01/11 12:0 a.m.9 views

Fedora 41 : libxmp (2025-23e4aeeb91)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-23e4aeeb91 advisory. Latest upstream release. Changelog: Fixes: CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbisdeinit CVE-2023-45680: Null...

7.8CVSS6.9AI score0.0056EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/10/24 12:59 a.m.2 views

SUSE CVE-2023-45677

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The root cause is that if len read in startdecoder is a negative number and setupmalloc successfully allocates memory in that case, but memor...

7.3CVSS7.8AI score0.00536EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/10/20 11:26 p.m.18 views

CVE-2023-45677 Heap buffer out of bounds write in start_decoder in stb_vorbis

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The root cause is that if len read in startdecoder is a negative number and setupmalloc successfully allocates memory in that case, but memor...

7.3CVSS7.9AI score0.00536EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2023/10/20 11:26 p.m.34 views

CVE-2023-45677

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The root cause is that if len read in startdecoder is a negative number and setupmalloc successfully allocates memory in that case, but memor...

7.8CVSS7.9AI score0.00536EPSS
Exploits0
OSV
OSV
added 2023/10/20 11:26 p.m.4 views

CVE-2023-45677 Heap buffer out of bounds write in start_decoder in stb_vorbis

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The root cause is that if len read in startdecoder is a negative number and setupmalloc successfully allocates memory in that case, but memor...

7.3CVSS7.8AI score0.00536EPSS
Exploits0References8
CVE
CVE
added 2023/10/20 11:26 p.m.76 views

CVE-2023-45677

CVE-2023-45677 affects stb_vorbis used by SDL2_sound/stb_vorbis.c. A crafted file can trigger a heap out-of-bounds write via f->vendor[len] = (char) '\0' with a negative len during start_decoder, and an integer overflow when len is INT_MAX during allocation of f->vendor and comment_list[i]....

7.8CVSS7.5AI score0.00536EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2023/10/20 11:26 p.m.22 views

CVE-2023-45677 Heap buffer out of bounds write in start_decoder in stb_vorbis

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The root cause is that if len read in startdecoder is a negative number and setupmalloc successfully allocates memory in that case, but memor...

7.3CVSS8.1AI score0.00536EPSS
Exploits0References6
Rows per page
Query Builder