CVE-2026-1766

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...

EUVD-2002-0541

Malware in sbrugna...

AZL-7261 CVE-2004-2779 affecting package libid3tag 0.15.1b-33

id3utf16deserialize in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service DoS...

Xion Audio Player 1.5 (build 160) - '.mp3' Crash (PoC)

Exploit for windows platform in category dos / poc Exploit Title: Xion Audio Player new'legit.mp3'; whatever mp3 you got handy $mp3-titleset'A' x 5000; title/artist tags $mp3-artistset'A' x 5000; may vary although both seems to be needed $mp3-updatetags; $mp3-close; print " Completed.\n";...

UBUNTU-CVE-2015-8446

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...

mpg123 signed-unsigned conversion vulnerability

Integer sign mismatch error on ID3 MP3 tags parsing...