CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

144 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в libstb

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendori = get8packetf;. The root cause is an integer overflow in setupmalloc. A sufficiently large value in the variable sz overflows with sz+7 in and the negative...

7.8CVSS8AI score0.0005EPSS

Exploits0References2

Tenable Nessus•added 2026/04/03 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-5317

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in Nothings stb up to 1.22. This affects the function startdecoder of the file stbvorbis.c. The manipulation results in...

8.8CVSS6.1AI score0.00021EPSS

Exploits1References3

Tenable Nessus•added 2026/04/03 12:0 a.m.•0 views

Linux Distros Unpatched Vulnerability : CVE-2026-5316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setupfree of the file stbvorbis.c. The manipulation leads to...

6.5CVSS5.4AI score0.00164EPSS

Exploits1References3

EUVD•added 2026/04/02 3:31 a.m.•0 views

EUVD-2026-18114

A security flaw has been discovered in Nothings stb up to 1.22. This affects the function startdecoder of the file stbvorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...

7.5CVSS6.2AI score0.00021EPSS

Exploits1References5

Debian CVE•added 2026/04/02 12:45 a.m.•3 views

CVE-2026-5317

8.8CVSS5.9AI score0.00021EPSS

Exploits1

OSV•added 2026/04/02 12:16 a.m.•0 views

DEBIAN-CVE-2026-5316

A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setupfree of the file stbvorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...

6.5CVSS4.6AI score0.00164EPSS

Exploits1References1

OSV•added 2026/04/02 12:16 a.m.•2 views

UBUNTU-CVE-2026-5316

6.5CVSS5.3AI score0.00164EPSS

Exploits1References6

Cvelist•added 2026/04/02 12:0 a.m.•30 views

CVE-2026-5316 Nothings stb stb_vorbis.c setup_free allocation of resources

5.3CVSS0.00164EPSS

Exploits1References4

RedhatCVE•added 2026/01/09 9:28 a.m.•3 views

CVE-2023-45678

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in startdecoder because at maximum m-submaps can be 16 but submapfloor and submapresidue are declared as arrays of 15 elements. This issue may lead to code execution...

7.8CVSS7.1AI score0.00092EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:27 a.m.•3 views

CVE-2023-45680

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in startdecoder. In that case the function returns early, the f-commentlist is set to NULL, but f-commentlistlength is not reset. Later in vorbisdeinit it tries to...

5.5CVSS6.6AI score0.00022EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:58 a.m.•1 views

CVE-2023-45679

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in startdecoder. In that case the function returns early, but some of the pointers in f-commentlist are left initialized and later setupfree is called on these...

7.8CVSS6.8AI score0.0005EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-4734

Malware in sbrugna...

7.8CVSS7.4AI score0.00193EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-4735

Malware in sbrugna...

7.1CVSS6.7AI score0.00159EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-49968

Malicious code in bioql PyPI...

7.8CVSS6.8AI score0.00092EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2023-49970

Malicious code in bioql PyPI...

5.5CVSS5.4AI score0.00022EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-51344

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00273EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2023-49967

Malicious code in bioql PyPI...

7.8CVSS7.3AI score0.0005EPSS

Exploits0References6

RedhatCVE•added 2025/05/23 3:44 a.m.•4 views

CVE-2023-45676

7.8CVSS7.4AI score0.0005EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:25 a.m.•1 views

CVE-2023-45681

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in startdecoder. The root cause is a potential integer overflow in sizeofchar f-commentlistlength which may make setupmalloc allocate less memory...

7.8CVSS7.4AI score0.00049EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:21 a.m.•2 views

CVE-2023-45677

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The root cause is that if len read in startdecoder is a negative number and setupmalloc successfully allocates memory in that case, but memor...

7.8CVSS7.1AI score0.0005EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by