Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

240 matches found

EUVD
EUVDadded 2026/06/16 12:34 a.m.7 views

EUVD-2026-37028

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

5.6CVSS5.6AI score0.00246EPSS
Exploits1References2
CVE
CVEadded 2026/06/16 12:34 a.m.16 views

CVE-2026-1767

CVE-2026-1767 affects GNOME localsearch’s MP3 Extractor (tracker-extract-mp3). The issue is a heap buffer overflow when parsing MP3 ID3 tags, caused by incorrect length calculations for performer tags, leading to potential DoS from a crash or information disclosure. Connected advisories reference...

8.1CVSS5.6AI score0.00246EPSS
Exploits1References2Affected Software2
CVE
CVEadded 2026/06/16 12:32 a.m.33 views

CVE-2026-1764

The CVE-2026-1764 to CVE-2026-1767 family affects GNOME localsearch (tracker-miners) MP3 extraction. Root cause: a missing bounds check in extract_performers_tags when parsing MP3 files (ID3v2.x), enabling a heap buffer overflow. Impact: Denial of Service (remote or local depending on context) vi...

5.6CVSS5.6AI score0.00209EPSS
Exploits2References2Affected Software2
OSV
OSVadded 2026/05/27 4:46 p.m.6 views

OPENSUSE-SU-2026:20821-1 Security update for localsearch

This update for localsearch fixes the following issues: - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files. bsc1257606 - CVE-2026-1765: Fixed a Denial of Service and potential information disclosure via crafted MP3 files...

8.1CVSS5.9AI score0.00246EPSS
Exploits4References8
ATTACKERKB
ATTACKERKBadded 2026/05/26 8:39 a.m.8 views

CVE-2026-25713

MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability...

7.8CVSS6AI score0.00207EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2026/05/26 8:39 a.m.17 views

CVE-2026-25713

Technical details are not publicly available in the provided documents. Monitor for updates from official advisories and CVE listings for impacted versions, affected components, and fixes.

7.8CVSS6AI score0.00207EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/05/26 12:0 a.m.11 views

PT-2026-43203

Name of the Vulnerable Software and Affected Versions MediaArea MediaInfoLib affected versions not specified Description A heap buffer overflow occurs during the parsing of ID3v2 tags. A heap buffer overflow is a memory corruption issue that happens when a program writes more data to a...

7.8CVSS6AI score0.00207EPSS
Exploits1References4
Talos
Talosadded 2026/05/25 12:0 a.m.9 views

MediaArea MediaInfoLib ID3v2 parsing heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the ID3v2 parsing functionality of MediaInfoLib versions: 26.01. A specially crafted media file that contains ID3v2 tags can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

7.8CVSS6.5AI score0.00207EPSS
Exploits1
AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в exempi

A buffer overflow vulnerability exists in the function ID3Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier versions. This vulnerability allows remote attackers to cause a denial of service by opening crafted audio files that contain the ID3V2 frame...

6.5CVSS7.1AI score0.00998EPSS
Exploits1References2
OSV
OSVadded 2026/05/08 11:46 a.m.4 views

CLSA-2026-1778161748 taglib: Fix of CVE-2023-47466

CVE-2023-47466: fix segmentation violation and application crash during tag writing via crafted WAV file in which an id3 chunk is the only valid chunk...

7.1CVSS5.8AI score0.00259EPSS
Exploits1References1
AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.3 views

Astra Linux – Vulnerability in taglib

TagLib before version 2.0 allows a segmentation violation and causes the application to crash during tag writing when a crafted WAV file is used, in which the id3 chunk is the only valid chunk...

7.1CVSS5.2AI score0.00259EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/02/02 4:15 p.m.4 views

CVE-2026-1766

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...

5.6CVSS5.3AI score0.00158EPSS
Exploits1References3
CNNVD
CNNVDadded 2026/02/02 12:0 a.m.4 views

GNOME localsearch MP3 Extractor 安全漏洞

GNOME localsearch MP3 Extractor is an open-source MP3 audio file extraction component developed by GNOME. There is a security vulnerability in GNOME localsearch MP3 Extractor. This vulnerability stems from the MP3 Extractor’s tracker-extract-mp3 function, which may lead to a heap buffer overflow...

5.9AI score0.00158EPSS
Exploits1References2
Debian
Debianadded 2026/01/24 6:43 p.m.10 views

[SECURITY] [DLA 4450-1] taglib security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4450-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz January 24, 2026 https://wiki.debian.org/LTS -...

7.1CVSS5.4AI score0.00259EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: libid3tag (CVE-2004-2779)

The version of libid3tag installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2004-2779 advisory. - id3utf16deserialize in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an...

7.5CVSS5.6AI score0.02546EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : exempi-2.4.5-4.el8 (AXSA:2024-8237:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8237:01 advisory. exempi: denial of service via opening of crafted audio file with ID3V2 frame CVE-2020-18651 exempi: denial of service via opening of crafted webp fi...

6.5CVSS5.6AI score0.00998EPSS
Exploits2References3
Positive Technologies
Positive Technologiesadded 2026/01/01 12:0 a.m.7 views

PT-2026-6841

Name of the Vulnerable Software and Affected Versions tracker-miners affected versions not specified Description A flaw exists in tracker-miners related to the handling of malformed MP3 files. Specifically, the software incorrectly processes certain MP3 files, potentially leading to a denial of...

5.6CVSS6AI score0.00209EPSS
Exploits3References24
EUVD
EUVDadded 2025/10/07 12:30 a.m.9 views

EUVD-2017-4334

Malware in sbrugna...

5.5CVSS5.7AI score0.0119EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2018-21031

Malware in sbrugna...

7.1CVSS5.6AI score0.00884EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2008-5223

Malware in sbrugna...

9.3CVSS6.1AI score0.05692EPSS
Exploits0References10
Rows per page
Query Builder