Lucene search
K

657 matches found

osv
osv
added 2026/01/16 11:57 a.m.3 views

OESA-2026-1067 fluidsynth security update

FluidSynth is a free software synthesizer. Its currently based on the SoundFont 2 specifications and supports real time MIDI effect controls. It can be used as a shared library for embedding in other applications, can play MIDI files and has a command line shell. Many other applications use...

7.5CVSS7AI score0.00414EPSS
Exploits1References2
osv
osv
added 2026/01/16 11:57 a.m.4 views

OESA-2026-1066 fluidsynth security update

FluidSynth is a free software synthesizer. Its currently based on the SoundFont 2 specifications and supports real time MIDI effect controls. It can be used as a shared library for embedding in other applications, can play MIDI files and has a command line shell. Many other applications use...

7.5CVSS7AI score0.00414EPSS
Exploits1References2
nessus
nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004396)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004396 advisory. A flaw was found in the Linux kernels implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices coul...

7.8CVSS6.7AI score0.01672EPSS
Exploits2References7
nessus
nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001205)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001205 advisory. The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary acces...

7.8CVSS7AI score0.00331EPSS
Exploits0References8
opensuse
opensuse
added 2026/01/16 12:0 a.m.8 views

Security update for fluidsynth (moderate)

openSUSE Security Update: Security update for fluidsynth Announcement ID: openSUSE-SU-2026:0014-1 Rating: moderate References: 1256435 Cross-References: CVE-2025-56225 CVSS scores: CVE-2025-56225 SUSE: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE...

8.7CVSS7.1AI score0.00414EPSS
Exploits1References1
nessus
nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001419)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001419 advisory. A flaw was found in the Linux kernels implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices coul...

7.8CVSS6.7AI score0.01672EPSS
Exploits2References4
nessus
nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000941)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000941 advisory. Double free vulnerability in the sndusbmidicreate function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial...

4.9CVSS6.5AI score0.03723EPSS
Exploits10References41
nessus
nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004192)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004192 advisory. A flaw was found in the Linux kernels implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices coul...

7.8CVSS6.7AI score0.01672EPSS
Exploits2References7
nessus
nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002750)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002750 advisory. Double free vulnerability in the sndusbmidicreate function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial...

4.9CVSS6.6AI score0.03723EPSS
Exploits10References41
nessus
nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003004)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003004 advisory. The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary acces...

7.8CVSS7AI score0.00331EPSS
Exploits0References8
nessus
nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003553)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003553 advisory. In the Linux kernel before 4.16.4, a double free vulnerability in the fmidisetalt function of drivers/usb/gadget/function/fmidi.c in the fmidi driver may allow...

10CVSS7.4AI score0.06342EPSS
Exploits1References13
nessus
nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002769)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002769 advisory. The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary acces...

7.8CVSS7AI score0.00331EPSS
Exploits0References8
nessus
nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003269)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003269 advisory. It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and...

7.8CVSS7.1AI score0.00523EPSS
Exploits0References22
nessus
nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003432)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003432 advisory. In the Linux kernel before 4.16.4, a double free vulnerability in the fmidisetalt function of drivers/usb/gadget/function/fmidi.c in the fmidi driver may allow...

10CVSS7.4AI score0.06342EPSS
Exploits1References13
nessus
nessus
added 2026/01/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-56225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...

7.5CVSS5.8AI score0.00414EPSS
Exploits1References3
nvd
nvd
added 2026/01/09 4:16 p.m.12 views

CVE-2025-56225

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...

7.5CVSS0.00414EPSS
Exploits1References2
ubuntucve
ubuntucve
added 2026/01/09 4:16 p.m.7 views

CVE-2025-56225

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...

7.5CVSS7AI score0.00414EPSS
Exploits1References3
osv
osv
added 2026/01/09 4:16 p.m.3 views

UBUNTU-CVE-2025-56225

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...

7.5CVSS5.8AI score0.00414EPSS
Exploits1References4
redhatcve
redhatcve
added 2026/01/09 11:28 a.m.4 views

CVE-2021-33897

A buffer overflow in Synthesia before 10.7.5567, when a non-Latin locale is used, allows user-assisted attackers to cause a denial of service application crash via a crafted MIDI file with malformed bytes. This file is mishandled during a deletion attempt. In Synthesia before 10.9, an improper pa...

5.5CVSS7AI score0.0023EPSS
Exploits0References1
cvelist
cvelist
added 2026/01/09 12:0 a.m.28 views

CVE-2025-56225

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...

0.00414EPSS
Exploits1References2
Rows per page
Query Builder