324 matches found
OESA-2026-2353 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. Security Fixes: The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: audiofile (UTSA-2026-017494)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017494 advisory. Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7...
Unity Linux 20.1060e / 20.1070e Security Update: audiofile (UTSA-2026-017495)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017495 advisory. Integer overflow in sfcommands/sfconvert.c in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted file...
OESA-2026-1786 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. Security Fixes: In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial ...
OESA-2026-1785 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. Security Fixes: In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial ...
OESA-2026-1784 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. Security Fixes: In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial ...
OESA-2026-1783 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. Security Fixes: In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial ...
OESA-2026-1782 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. Security Fixes: In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial ...
PT-2026-27135
A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...
MiracleLinux 7 : file-5.11-36.el7 (AXSA:2020-4555:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4555:01 advisory. file: out-of-bounds read via a crafted ELF file CVE-2018-10360 Tenable has extracted the preceding description block directly from the MiracleLinux security...
MATIO 安全漏洞
MATIO is an open source C language library for reading and writing binary MATLAB MAT files by tbeu individual developers. A security vulnerability exists in MATIO version 1.5.28, which stems from a mismatch between the value of nfields in the MatVarCreateStruct function and the actual number of...
RHEL 7 : audiofile (RHSA-2025:23457)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23457 advisory. The Audio File library is an implementation of the Audio File Library from SGI, which provides an API for accessing audio file formats like...
JLSEC-2025-314 A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcro...
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file...
WordPress ERI File Library plugin unauthorized data access vulnerability
The WordPress ERI File Library plugin is a lightweight plugin designed for WordPress to create and publish document galleries, with support for inserting documents via the Gutenberg editor or shortcode. WordPress ERI File Library plugin suffers from an unauthorized data access vulnerability that...
CVE-2025-12041
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...
CVE-2025-12041
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...
CVE-2025-12041
The CVE-2025-12041 entry concerns the WordPress ERI File Library plugin up to version 1.1.0, where a missing capability check on the erifl_file AJAX action allows unauthenticated attackers to download files restricted to specific user roles. Affected software: WordPress ERI File Library plugin (v...
CVE-2025-12041 ERI File Library <= 1.1.0 - Missing Authorization to Unauthenticated Protected File Download
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...
CVE-2025-12041 ERI File Library <= 1.1.0 - Missing Authorization to Unauthenticated Protected File Download
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...
EUVD-2025-37323
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...