CVE-2018-18197

An issue was discovered in libgig 4.1.0. There is an operator new failure due to a big pSampleLoops heap request in DLS::Sampler::Sampler in DLS.cpp...

CVE-2018-18193

An issue was discovered in libgig 4.1.0. There is operator new failure due to a big pWavePoolTable heap request in DLS::File::File in DLS.cpp...

CVE-2018-18194

An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in DLS::Region::GetSample in DLS.cpp...

SUSE CVE-2025-68617

FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...

Linux Distros Unpatched Vulnerability : CVE-2025-68617

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS fi...

DEBIAN-CVE-2025-68617

FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...

CVE-2025-68617

FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...

CVE-2025-68617 Use after free in fluidsynth

FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...

CVE-2025-68617

CVE-2025-68617 – FluidSynth: A race condition during unloading of a DLS file can trigger a heap-based use-after-free in FluidSynth versions 2.5.0 to before 2.5.2. If a DLS unload is concurrent with synthesizer destruction or if samples from the unloaded DLS are used by active voices, freed memory...

CVE-2025-68617

FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...

CVE-2025-12149

In CVE-2025-12149, Search Guard FLX ≤3.1.2 fails to enforce Document-Level Security when a Signals-watch triggers a search, potentially allowing access to all documents in the queried indices. Affected component: Search Guard FLX; root cause: DLS enforcement gap specific to Signals-triggered sear...

EUVD-2018-9935

Malware in sbrugna...

EUVD-2018-9932

Malware in sbrugna...

EUVD-2018-6373

Malware in sbrugna...

EUVD-2018-9931

Malware in sbrugna...

EUVD-2018-6374

Malware in sbrugna...

EUVD-2018-9933

Malware in sbrugna...

EUVD-2018-9930

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-18197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libgig 4.1.0. There is an operator new failure due to a big pSampleLoops heap request in DLS::Sampler::Sampler in DLS.cpp...

Linux Distros Unpatched Vulnerability : CVE-2018-14456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::SaveString in DLS.cpp. CVE-2018-14456 Note that Nessus relie...