Lucene search
K

363 matches found

Rosalinux
Rosalinux
added 2025/01/28 6:50 p.m.25 views

Advisory ROSA-SA-2025-2639

software: faad2 2.11.1 OS: ROSA-CHROME packageevrstring: faad2-2.11.1-1 CVE-ID: CVE-2023-38858 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Buffer overflow vulnerability in infaad2 allows a remote attacker to execute arbitrary code via the mp4info function. CVE-STATUS: The vulnerability has been...

6.5CVSS8.1AI score0.00898EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/10/01 12:0 a.m.19 views

Synology DiskStation FAAD2 Decoder Out-of-bounds Write (CVE-2021-26567)

Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.8CVSS8.5AI score0.01129EPSS
Exploits0References3
Rosalinux
Rosalinux
added 2024/05/07 8:22 a.m.37 views

Advisory ROSA-SA-2024-2417

Software: faad2 2.8.8 OS: ROSA Virtualization 2.1 packageevrstring: faad2-2.8.8-6.0.1.rv3 CVE-ID: CVE-2021-32272 BDU-ID: 2022-01810 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the stszin function of the mp4read.c component of the Freeware Advanced Audio Decoder 2 FAAD2 audio decoder is related t...

7.8CVSS7.5AI score0.01218EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2024/01/10 12:0 a.m.31 views

FAAD2: Multiple Vulnerabilities

Background FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder. Description Multiple vulnerabilities have been discovered in FAAD2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

6.5CVSS7.7AI score0.00898EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/01/10 12:0 a.m.26 views

GLSA-202401-13 : FAAD2: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-13 FAAD2: Multiple Vulnerabilities - Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c. CVE-2023-38857 -...

6.5CVSS7.2AI score0.00898EPSS
Exploits2References4
Veracode
Veracode
added 2023/11/30 7:8 p.m.24 views

Denial Of Service (DoS)

faad2 is vulnerable to Denial Of Service DoS. The vulnerability exists due to the buffer overflow in the stcoin function of mp4read.c, allowing an attacker to inject and execute malicious code and cause application crash...

5.5CVSS7.4AI score0.00523EPSS
Exploits1References4Affected Software1
OpenVAS
OpenVAS
added 2023/08/30 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-6313-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.01225EPSS
Exploits8References2
OSV
OSV
added 2023/08/29 9:42 a.m.3 views

USN-6313-1 faad2 vulnerabilities

It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-32272, CVE-2021-32273, CVE-2021-32274, CVE-2021-32277,...

7.8CVSS7.4AI score0.01225EPSS
Exploits8References9
Ubuntu
Ubuntu
added 2023/08/29 9:42 a.m.67 views

USN-6313-1: FAAD2 vulnerabilities

It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-32272, CVE-2021-32273, CVE-2021-32274, CVE-2021-32277,...

7.8CVSS7.2AI score0.01225EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2023/08/29 12:0 a.m.32 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : FAAD2 vulnerabilities (USN-6313-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6313-1 advisory. It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a...

7.8CVSS7.2AI score0.01225EPSS
Exploits8References9
CNVD
CNVD
added 2023/08/17 12:0 a.m.4 views

Faad2 Buffer Overflow Vulnerability

Faad2 is a freeware advanced audio Aac decoder. It is used for Sbr decoding. Faad2 suffers from a buffer overflow vulnerability due to incorrect bounds checking in the stcoin function in mp4read.c. This vulnerability can be exploited to execute arbitrary code in the context of the current process...

5.5CVSS7.3AI score0.00523EPSS
Exploits1
CNVD
CNVD
added 2023/08/17 12:0 a.m.3 views

Faad2 buffer overflow vulnerability (CNVD-2026-15394)

Faad2 is a freeware advanced audio Aac decoder. It is used for Sbr decoding. Faad2 suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. An attacker could exploit this vulnerability to execute arbitrary code and cause a...

6.5CVSS7.5AI score0.00898EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2023/08/15 5:15 p.m.4 views

CVE-2023-38858

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039...

6.5CVSS6.2AI score0.00898EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/08/15 5:15 p.m.6 views

CVE-2023-38857

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c...

5.5CVSS6.2AI score0.00523EPSS
Exploits1References3
OSV
OSV
added 2023/08/15 5:15 p.m.3 views

UBUNTU-CVE-2023-38858

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039...

6.5CVSS7.5AI score0.00898EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/08/15 12:0 a.m.6 views

Faad2 Buffer Error Vulnerability

Faad2 is a freeware Advanced Audio Aac decoder. It is used for Sbr decoding. A security vulnerability exists in Faad2 version v.2.10.1, which stems from the presence of a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code and cause a denial of service...

5.5CVSS8AI score0.00523EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2023/08/15 12:0 a.m.99 views

CVE-2023-38858

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039...

6.5CVSS7.1AI score0.00898EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/08/15 12:0 a.m.7 views

PT-2023-26638 · Faad2 +3 · Faad2 +3

Name of the Vulnerable Software and Affected Versions: faad2 version 2.10.1 Description: The issue allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c. Recommendations: For faad2 version 2.10.1, consider disabling the stcoin functi...

7.8CVSS7.4AI score0.01225EPSS
Exploits8References48
Positive Technologies
Positive Technologies
added 2023/08/15 12:0 a.m.7 views

PT-2023-26639 · Faad2 +3 · Faad2 +3

Name of the Vulnerable Software and Affected Versions: faad2 version 2.10.1 Description: A Buffer Overflow issue allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c at line 1039. Recommendations: For faad2 version 2.10.1, consider...

7.8CVSS7.5AI score0.01225EPSS
Exploits8References46
Tenable Nessus
Tenable Nessus
added 2022/04/20 12:0 a.m.29 views

Debian DSA-5109-1 : faad2 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5109 advisory. - There is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8....

7.8CVSS7.3AI score0.01281EPSS
Exploits10References23
Rows per page
Query Builder