
118 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may cause memory writes to exceed the allocated heap buffer in start_decoder. The root cause of this issue is a potential integer overflow in sizeof(char*) * (f->comment_list_length), which may...

7.8 CVSS | 7.6 AI score | 0.00518 EPSS
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 4 views

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A properly crafted file may trigger an out-of-buffer write in the start_decoder function, because the maximum number of m->submaps is 16, but submap_floor and submap_residue are declared as arrays of 15 elements...

7.8 CVSS | 7 AI score | 0.0073 EPSS
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux – Vulnerability in libstb

There is a heap-based buffer overflow vulnerability in the comment functionality of stb_vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...

9.8 CVSS | 8.6 AI score | 0.0141 EPSS
Exploits: 1 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 6 views

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under MIT, designed for processing OGG Vorbis files. A maliciously crafted file may trigger an out-of-bounds write vulnerability in the line f->vendor[len] = (char)'\0';. The root cause of this issue is that if len, read from start_decoder, is a negative...

7.8 CVSS | 7.5 AI score | 0.00536 EPSS
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 5 views

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under the MIT license, designed for processing OGG Vorbis files. A properly crafted file may trigger an out-of-bounds read in the DECODE macro when var is negative. As can be seen in the definition of DECODE_RAW, a negative value for var is still a valid...

7.1 CVSS | 6.5 AI score | 0.0056 EPSS
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 4 views

Astra Linux – Vulnerability in libstb

stb_vorbis is a single-file library licensed under the MIT license, designed for processing OGG Vorbis files. A properly crafted file may cause a memory allocation failure in the start_decoder function. In such cases, the function returns early, but some of the pointers in f->comment_list remain...

7.8 CVSS | 7.4 AI score | 0.00518 EPSS
Exploits: 0 | References: 2

Snyk
added 2026/04/02 2:26 a.m. | 1 views

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the setup_free function of the stb_vorbis.c file. An attacker can cause resource exhaustion by triggering repeated or malformed calls to this function remotely, potentially leading t...

6.5 CVSS | 5.9 AI score | 0.00439 EPSS
Exploits: 1 | References: 2

OSV
added 2026/04/02 1:16 a.m. | 4 views

DEBIAN-CVE-2026-5317

A security flaw has been discovered in Nothings stb up to 1.22. This affects the function start_decoder of the file stb_vorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...

8.8 CVSS | 5.9 AI score | 0.00425 EPSS
Exploits: 1 | References: 1

OSV
added 2026/04/02 1:16 a.m. | 5 views

UBUNTU-CVE-2026-5317

A security flaw has been discovered in Nothings stb up to 1.22. This affects the function start_decoder of the file stb_vorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...

8.8 CVSS | 5.3 AI score | 0.00425 EPSS
Exploits: 1 | References: 6

UbuntuCve
added 2026/04/02 1:16 a.m. | 1 views

CVE-2026-5317

A security flaw has been discovered in Nothings stb up to 1.22. This affects the function start_decoder of the file stb_vorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...

8.8 CVSS | 6.2 AI score | 0.00425 EPSS
Exploits: 1 | References: 5

Cvelist
added 2026/04/02 12:45 a.m. | 28 views

CVE-2026-5317 Nothings stb stb_vorbis.c start_decoder out-of-bounds write

A security flaw has been discovered in Nothings stb up to 1.22. This affects the function start_decoder of the file stb_vorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...

7.5 CVSS | 0.00425 EPSS
Exploits: 1 | References: 4

ATTACKERKB
added 2026/04/02 12:45 a.m. | 2 views

CVE-2026-5317

A security flaw has been discovered in Nothings stb up to 1.22. This affects the function start_decoder of the file stb_vorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...

7.5 CVSS | 5.5 AI score | 0.00425 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

Vulnrichment
added 2026/04/02 12:45 a.m. | 1 views

CVE-2026-5317 Nothings stb stb_vorbis.c start_decoder out-of-bounds write

A security flaw has been discovered in Nothings stb up to 1.22. This affects the function start_decoder of the file stb_vorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...

7.5 CVSS | 6.2 AI score | 0.00425 EPSS
Exploits: 1 | References: 4

CVE
added 2026/04/02 12:45 a.m. | 7 views

CVE-2026-5317

CVE-2026-5317 affects Nothings stb up to 1.22; vulnerable area is start_decoder in stb_vorbis.c. The issue is an out-of-bounds write caused by manipulation of data, with potential for remote execution. Public exploit exists; vendor was contacted early but did not respond. Metrics indicate exploit...

8.8 CVSS | 6.2 AI score | 0.00425 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

EUVD
added 2026/04/02 12:31 a.m. | 5 views

EUVD-2026-18110

A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setup_free of the file stb_vorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...

5.3 CVSS | 5.5 AI score | 0.00439 EPSS
Exploits: 1 | References: 5

NVD
added 2026/04/02 12:16 a.m. | 4 views

CVE-2026-5316

A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setup_free of the file stb_vorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...

6.5 CVSS | 0.00439 EPSS
Exploits: 1 | References: 4

UbuntuCve
added 2026/04/02 12:16 a.m. | 3 views

CVE-2026-5316

A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setup_free of the file stb_vorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...

6.5 CVSS | 5.6 AI score | 0.00439 EPSS
Exploits: 1 | References: 5

CVE
added 2026/04/02 12:0 a.m. | 13 views

CVE-2026-5316

CVE-2026-5316 affects the Nothings stb library up to version 1.22. The vulnerable element is the function setup_free in the file stb_vorbis.c, where the manipulation leads to resource allocation. The attack can be performed remotely, and an exploit is publicly available. The vendor was contacted...

6.5 CVSS | 5.5 AI score | 0.00439 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

ATTACKERKB
added 2026/04/02 12:0 a.m. | 7 views

CVE-2026-5316

A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setup_free of the file stb_vorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...

5.3 CVSS | 5.5 AI score | 0.00439 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

Debian CVE
added 2026/04/02 12:0 a.m. | 4 views

CVE-2026-5316

A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setup_free of the file stb_vorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...

6.5 CVSS | 4.6 AI score | 0.00439 EPSS
Exploits: 1