CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2438 matches found

CVE-2026-1766

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...

6.1CVSS0.00166EPSS

Exploits1References2

NVD•added 2 days ago•9 views

CVE-2026-1764

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead to a heap buffer overflow. This vulnerability allows a remote attacker...

5.6CVSS0.00193EPSS

Exploits1References2

CVE•added 2 days ago•11 views

CVE-2026-1767

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

8.1CVSS5.6AI score0.00339EPSS

Exploits1References2Affected Software2

EUVD•added 2 days ago•5 views

EUVD-2026-37028

5.6CVSS5.6AI score0.00339EPSS

Exploits1References2

Cvelist•added 2 days ago•25 views

CVE-2026-1766 Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and information disclosure via malformed mp3 files.

5.6CVSS0.00166EPSS

Exploits1References2

Debian CVE•added 2 days ago•4 views

CVE-2026-1766

6.1CVSS5.5AI score0.00166EPSS

Exploits1

EUVD•added 2 days ago•5 views

EUVD-2026-37026

A flaw was found in the tracker-extract-mp3 component of GNOME localsearch previously known as tracker-miners. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denia...

5.6CVSS5.5AI score0.00193EPSS

Exploits0References2

CVE•added 2 days ago•14 views

CVE-2026-1765

CVE-2026-1765 concerns GNOME localsearch’s tracker-miners: the tracker-extract-mp3 component is vulnerable to a heap buffer overflow when processing crafted MP3 files, potentially causing Denial of Service (crash) and, in some cases, information disclosure from memory. The issue is confirmed acro...

5.6CVSS5.5AI score0.00193EPSS

Exploits0References2

Cvelist•added 2 days ago•24 views

CVE-2026-1765 Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and potential information disclosure via crafted mp3 files

5.6CVSS0.00193EPSS

Exploits0References2

Debian CVE•added 2 days ago•3 views

CVE-2026-1765

5.6CVSS5.5AI score0.00193EPSS

Exploits0

CVE•added 2 days ago•31 views

CVE-2026-1764

The CVE-2026-1764 to CVE-2026-1767 family affects GNOME localsearch (tracker-miners) MP3 extraction. Root cause: a missing bounds check in extract_performers_tags when parsing MP3 files (ID3v2.x), enabling a heap buffer overflow. Impact: Denial of Service (remote or local depending on context) vi...

5.6CVSS5.6AI score0.00193EPSS

Exploits1References2

Debian CVE•added 2 days ago•5 views

CVE-2026-1764

5.6CVSS5.7AI score0.00193EPSS

Exploits1

Cvelist•added 2026/05/29 2:46 p.m.•29 views

CVE-2018-25383 Free MP3 CD Ripper 2.8 Buffer Overflow SEH DEP Bypass

Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing that allows local attackers to bypass DEP protection via structured exception handling manipulation. Attackers can craft a malicious WMA file that triggers the overflow when loaded through the Conve...

8.6CVSS0.00181EPSS

Exploits0References3

Vulnrichment•added 2026/05/29 2:46 p.m.•9 views

CVE-2018-25383 Free MP3 CD Ripper 2.8 Buffer Overflow SEH DEP Bypass

8.6CVSS6.5AI score0.00181EPSS

Exploits0References3

CVE•added 2026/05/29 2:46 p.m.•13 views

CVE-2018-25383

CVE-2018-25383 affects Free MP3 CD Ripper 2.8. The vulnerability is a stack-based buffer overflow in WMA file processing within the Convert function, allowing a local attacker to bypass DEP via SEH manipulation and execute arbitrary code (via a ROP chain and shellcode injection). The impact is lo...

8.6CVSS6.5AI score0.00181EPSS

Exploits0References3

OSV•added 2026/05/27 4:46 p.m.•5 views

OPENSUSE-SU-2026:20821-1 Security update for localsearch

This update for localsearch fixes the following issues: - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files. bsc1257606 - CVE-2026-1765: Fixed a Denial of Service and potential information disclosure via crafted MP3 files...

8.1CVSS5.9AI score0.00339EPSS

Exploits3References8

OSV•added 2026/04/18 4:16 p.m.•2 views

MINI-8MP3-XQJQ-754C

Bulletin has no description...

9.8CVSS5.6AI score0.00536EPSS

Exploits0

RedhatCVE•added 2026/04/14 1:22 a.m.•4 views

CVE-2026-39647

Server-Side Request Forgery SSRF vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar mp3-music-player-by-sonaar allows Server Side Request Forgery.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through = 5.11...

5.4CVSS5.8AI score0.00168EPSS

Exploits0References1

Tenable Nessus•added 2026/04/13 12:0 a.m.•1 views

Amazon Linux 2023 : tracker-miners (ALAS2023-2026-1580)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1580 advisory. A flaw was found in GNOME localsearch MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead ...

8.1CVSS6.2AI score0.00339EPSS

Exploits3References10

NVD•added 2026/04/08 9:16 a.m.•3 views

CVE-2026-39647

5.4CVSS0.00168EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by