Astra Linux – Vulnerability in libass

In libass 0.14.0, the call to assoutlineconstruct's outlinestroke function causes a signed integer overflow...

Astra Linux – Vulnerability in libass

A stack overflow occurred in the parsetag function in libass/assparse.c in libass before version 0.15.0. This vulnerability allows remote attackers to cause a denial of service or remote code execution through a crafted file...

JLSEC-2026-155

In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow...

JLSEC-2026-154

Stack overflow in the parsetag function in libass/assparse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file...

EUVD-2020-23958

Malware in sbrugna...

EUVD-2016-8817

Malware in sbrugna...

EUVD-2020-19224

Malware in sbrugna...

EUVD-2020-17694

Malware in sbrugna...

EUVD-2016-8818

Malware in sbrugna...

EUVD-2016-8820

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-26682

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow. CVE-2020-26682 Note that Nessus relies on the presence of th...

Linux Distros Unpatched Vulnerability : CVE-2020-24994

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack overflow in the parsetag function in libass/assparse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code executi...

The vulnerability of the parse_tag() function in the libass/ass_parse.c component of the ASS/SSA subtitle renderer library in Libass allows a attacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the parsetag function in the libass/assparse.c component of the ASS/SSA subtitle renderer library in Libass is related to the allocation of unlimited memory. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data, compromise its...

The vulnerability of the ass_outline_construct() function in the ASS/SSA Libass subtitle renderer allows a hacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the assoutlineconstruct function in the ASS/SSA Libass subtitle renderer is related to integer overflow. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

OPENSUSE-SU-2024:10508-1 libass-devel-0.13.4-2.1 on GA media

These are all security issues fixed in the libass-devel-0.13.4-2.1 package on the GA media of openSUSE Tumbleweed...

Ubuntu 16.04 ESM : LibASS vulnerabilities (USN-4797-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4797-1 advisory. It was discovered that LibASS incorrectly handled certain ASS files. A remote attacker could possibly use this issue to cause a denial of service. One of...

Debian: Security Advisory (DLA-668-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2016-7969

The wraplinessmart function in assrender.c in libass before 0.13.4 allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors, related to "0/3 line wrapping equalization."...

SUSE CVE-2016-7970

Buffer overflow in the calccoeff function in libass/assblur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors...

SUSE CVE-2016-7972

The checkallocations function in libass/assshaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service memory allocation failure via unspecified vectors...