109 matches found
CVE-2018-18197
An issue was discovered in libgig 4.1.0. There is an operator new failure due to a big pSampleLoops heap request in DLS::Sampler::Sampler in DLS.cpp...
CVE-2018-18193
An issue was discovered in libgig 4.1.0. There is operator new failure due to a big pWavePoolTable heap request in DLS::File::File in DLS.cpp...
CVE-2018-18194
An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in DLS::Region::GetSample in DLS.cpp...
SUSE CVE-2025-68617
FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...
Linux Distros Unpatched Vulnerability : CVE-2025-68617
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS fi...
DEBIAN-CVE-2025-68617
FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...
CVE-2025-68617
FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...
CVE-2025-68617 Use after free in fluidsynth
FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...
CVE-2025-68617
FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...
CVE-2025-68617
CVE-2025-68617 – FluidSynth: A race condition during unloading of a DLS file can trigger a heap-based use-after-free in FluidSynth versions 2.5.0 to before 2.5.2. If a DLS unload is concurrent with synthesizer destruction or if samples from the unloaded DLS are used by active voices, freed memory...
CVE-2025-12149
In CVE-2025-12149, Search Guard FLX ≤3.1.2 fails to enforce Document-Level Security when a Signals-watch triggers a search, potentially allowing access to all documents in the queried indices. Affected component: Search Guard FLX; root cause: DLS enforcement gap specific to Signals-triggered sear...
EUVD-2018-9933
Malware in sbrugna...
EUVD-2018-9930
Malware in sbrugna...
EUVD-2018-9931
Malware in sbrugna...
EUVD-2018-9935
Malware in sbrugna...
EUVD-2018-6373
Malware in sbrugna...
EUVD-2018-9932
Malware in sbrugna...
EUVD-2018-6374
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-18197
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libgig 4.1.0. There is an operator new failure due to a big pSampleLoops heap request in DLS::Sampler::Sampler in DLS.cpp...
Linux Distros Unpatched Vulnerability : CVE-2018-14456
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::SaveString in DLS.cpp. CVE-2018-14456 Note that Nessus relie...