EUVD-2026-37028

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

CVE-2026-1767

CVE-2026-1767 affects GNOME localsearch’s MP3 Extractor (tracker-extract-mp3). The issue is a heap buffer overflow when parsing MP3 ID3 tags, caused by incorrect length calculations for performer tags, leading to potential DoS from a crash or information disclosure. Connected advisories reference...

OPENSUSE-SU-2026:20821-1 Security update for localsearch

This update for localsearch fixes the following issues: - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files. bsc1257606 - CVE-2026-1765: Fixed a Denial of Service and potential information disclosure via crafted MP3 files...

GNOME localsearch MP3 Extractor 安全漏洞

GNOME localsearch MP3 Extractor is an open-source MP3 audio file extraction component developed by GNOME. There is a security vulnerability in GNOME localsearch MP3 Extractor. This vulnerability stems from the MP3 Extractor’s tracker-extract-mp3 function, which may lead to a heap buffer overflow...

Azure Linux 3.0 Security Update: libid3tag (CVE-2004-2779)

The version of libid3tag installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2004-2779 advisory. - id3utf16deserialize in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an...

EUVD-2008-3553

Malware in sbrugna...

SUSE CVE-2017-7586

In libsndfile before 1.0.28, an error in the "headerread" function common.c when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file...

CVE-2021-3522

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags...

[SECURITY] Fedora 28 Update: mingw-libid3tag-0.15.1b-24.fc28

libid3tag is a library for reading and eventually writing ID3 tags, both ID3v1 and the various versions of ID3v2...

[SECURITY] Fedora 27 Update: libid3tag-0.15.1b-26.fc27

libid3tag is a library for reading and eventually writing ID3 tags, both ID3v1 and the various versions of ID3v2...

[SECURITY] Fedora 28 Update: libid3tag-0.15.1b-28.fc28

libid3tag is a library for reading and eventually writing ID3 tags, both ID3v1 and the various versions of ID3v2...

SUSE SLED12 Security Update : libid3tag (SUSE-SU-2018:0722-1)

This update for libid3tag fixes the following issues : - CVE-2004-2779 CVE-2017-11551: Fixed id3utf16deserialize in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. bsc1081959...

SUSE-SU-2018:0722-1 Security update for libid3tag

This update for libid3tag fixes the following issues: - CVE-2004-2779 CVE-2017-11551: Fixed id3utf16deserialize in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. bsc1081959...

SUSE-SU-2018:0715-1 Security update for libid3tag

This update for libid3tag fixes the following issues: - CVE-2004-2779 CVE-2017-11551: Fixed id3utf16deserialize in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. bsc1081959...

PT-2018-4015 · Underbit Technologies +2 · Libid3Tag +2

Name of the Vulnerable Software and Affected Versions: libid3tag versions 0.15.1b and earlier Description: The issue arises from the id3 utf16 deserialize function in utf16.c, which misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes. This triggers an endless loop that allocates...

CVE-2017-7586

A buffer overflow flaw was found in the way libsndfile handled ID3 tags. This flaw could potentially be used to crash the application using libsndfile by tricking the application into processing specially crafted FLAC files...

CVE-2017-7586

In libsndfile before 1.0.28, an error in the "headerread" function common.c when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file...

CVE-2017-7586

In libsndfile before 1.0.28, an error in the "headerread" function common.c when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file...

CVE-2017-7586

In libsndfile before 1.0.28, an error in the "headerread" function common.c when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file...

CVE-2017-7586

In libsndfile before 1.0.28, an error in the "headerread" function common.c when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file...