CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

237 matches found

OSV•added 2026/05/27 4:46 p.m.•4 views

OPENSUSE-SU-2026:20821-1 Security update for localsearch

This update for localsearch fixes the following issues: - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files. bsc1257606 - CVE-2026-1765: Fixed a Denial of Service and potential information disclosure via crafted MP3 files...

5.9AI score

Exploits1References8

CVE•added 2026/05/26 8:39 a.m.•9 views

CVE-2026-25713

Technical details are not publicly available in the provided documents. Monitor for updates from official advisories and CVE listings for impacted versions, affected components, and fixes.

7.8CVSS6AI score0.00021EPSS

Exploits1References2Affected Software1

ATTACKERKB•added 2026/05/26 8:39 a.m.•7 views

CVE-2026-25713

MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability...

7.8CVSS6AI score0.00021EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2026/05/26 12:0 a.m.•7 views

PT-2026-43203

Name of the Vulnerable Software and Affected Versions MediaArea MediaInfoLib affected versions not specified Description A heap buffer overflow occurs during the parsing of ID3v2 tags. A heap buffer overflow is a memory corruption issue that happens when a program writes more data to a...

7.8CVSS6AI score0.00021EPSS

Exploits1References4

Talos•added 2026/05/25 12:0 a.m.•4 views

MediaArea MediaInfoLib ID3v2 parsing heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the ID3v2 parsing functionality of MediaInfoLib versions: 26.01. A specially crafted media file that contains ID3v2 tags can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

7.8CVSS6.5AI score0.00021EPSS

Exploits1

OSV•added 2026/05/08 11:46 a.m.•1 views

CLSA-2026-1778161748 taglib: Fix of CVE-2023-47466

CVE-2023-47466: fix segmentation violation and application crash during tag writing via crafted WAV file in which an id3 chunk is the only valid chunk...

7.1CVSS5.8AI score0.00022EPSS

Exploits1References1

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в exempi

A buffer overflow vulnerability exists in the function ID3Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier versions. This vulnerability allows remote attackers to cause a denial of service by opening crafted audio files that contain the ID3V2 frame...

6.5CVSS7.1AI score0.02228EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в taglib

TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk...

7.1CVSS5.8AI score0.00022EPSS

Exploits1References1

RedhatCVE•added 2026/02/02 4:15 p.m.•2 views

CVE-2026-1766

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...

5.6CVSS5.3AI score

Exploits0References3

CNNVD•added 2026/02/02 12:0 a.m.•2 views

GNOME localsearch MP3 Extractor 安全漏洞

GNOME localsearch MP3 Extractor is an open-source MP3 audio file extraction component developed by GNOME. There is a security vulnerability in GNOME localsearch MP3 Extractor. This vulnerability stems from the MP3 Extractor’s tracker-extract-mp3 function, which may lead to a heap buffer overflow...

5.9AI score

Exploits0References2

Debian•added 2026/01/24 6:43 p.m.•7 views

[SECURITY] [DLA 4450-1] taglib security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4450-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz January 24, 2026 https://wiki.debian.org/LTS -...

7.1CVSS5.4AI score0.00022EPSS

Exploits1

Tenable Nessus•added 2026/01/22 12:0 a.m.•2 views

Azure Linux 3.0 Security Update: libid3tag (CVE-2004-2779)

The version of libid3tag installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2004-2779 advisory. - id3utf16deserialize in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an...

7.5CVSS5.6AI score0.00325EPSS

Exploits0References2

Tenable Nessus•added 2026/01/20 12:0 a.m.•2 views

MiracleLinux 8 : exempi-2.4.5-4.el8 (AXSA:2024-8237:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8237:01 advisory. exempi: denial of service via opening of crafted audio file with ID3V2 frame CVE-2020-18651 exempi: denial of service via opening of crafted webp fi...

6.5CVSS5.6AI score0.02228EPSS

Exploits2References3

Positive Technologies•added 2026/01/01 12:0 a.m.•4 views

PT-2026-6841

Name of the Vulnerable Software and Affected Versions tracker-miners affected versions not specified Description A flaw exists in tracker-miners related to the handling of malformed MP3 files. Specifically, the software incorrectly processes certain MP3 files, potentially leading to a denial of...

6AI score

Exploits1References20