OPENSUSE-SU-2026:20291-1 Security update for fluidsynth

This update for fluidsynth fixes the following issues: - CVE-2025-56225: NULL pointer deference when loading and invalid MIDI file bsc1256435...

OESA-2026-1069 fluidsynth security update

FluidSynth is a free software synthesizer. Its currently based on the SoundFont 2 specifications and supports real time MIDI effect controls. It can be used as a shared library for embedding in other applications, can play MIDI files and has a command line shell. Many other applications use...

OESA-2026-1067 fluidsynth security update

FluidSynth is a free software synthesizer. Its currently based on the SoundFont 2 specifications and supports real time MIDI effect controls. It can be used as a shared library for embedding in other applications, can play MIDI files and has a command line shell. Many other applications use...

Security update for fluidsynth (moderate)

openSUSE Security Update: Security update for fluidsynth Announcement ID: openSUSE-SU-2026:0014-1 Rating: moderate References: 1256435 Cross-References: CVE-2025-56225 CVSS scores: CVE-2025-56225 SUSE: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE...

Linux Distros Unpatched Vulnerability : CVE-2025-56225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...

CVE-2025-56225

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...

CVE-2025-56225

CVE-2025-56225 affects fluidsynth-2.4.6 and earlier. The root cause is a NULL pointer dereference in fluid_synth_monopoly.c triggered when loading an invalid MIDI file. This can impact availability (CVE base score 7.5, HIGH). The connected advisories show patches/updates: Fedora advisories (FEDOR...

CVE-2025-56225

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...

EUVD-2005-1135

Malware in sbrugna...

EUVD-2011-0522

Malware in sbrugna...

EUVD-2017-3276

Malware in sbrugna...

EUVD-2017-3273

Malware in sbrugna...

EUVD-2003-0756

Malware in sbrugna...

EUVD-2006-3225

Malware in sbrugna...

EUVD-2010-4339

Malware in sbrugna...

EUVD-2023-31664

Malicious code in bioql PyPI...

EUVD-2023-30714

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-11663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The WMSetupMidiEvent function in internalmidi.c:2315 in WildMIDI 0.4.2 can cause a denial of service invalid memory read and application crash via a crafted mid...

Linux Distros Unpatched Vulnerability : CVE-2017-11664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The WMSetupMidiEvent function in internalmidi.c:2122 in WildMIDI 0.4.2 can cause a denial of service invalid memory read and application crash via a crafted mid...

Linux Distros Unpatched Vulnerability : CVE-2017-11546

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The insertnotesteps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service divide-by-zero error and application crash...