8 matches found

SUSE CVE
added 2026/04/04 11:26 p.m., 2 views

SUSE CVE-2026-5316

A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setup_free of the file stb_vorbis.c. The manipulation leads to allocation of resources. The attack can be carried out remotely. The exploit is publicly available and might be used. The vendor...

CVSS 5.3 | AI score 5.3 | EPSS 0.00164
Exploits: 1 | References: 3
Tenable Nessus
added 2024/05/11 12:0 a.m., 13 views

Fedora 39 : stb (2024-4c8d4cda0d)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4c8d4cda0d advisory. Security fix for CVE-2023-45681 / CVE-2023-47212. Tenable has extracted the preceding description block directly from the Fedora security advisory...

CVSS 9.8 | AI score 7.6 | EPSS 0.00273
Exploits: 1 | References: 3
Tenable Nessus
added 2024/05/11 12:0 a.m., 43 views

Fedora 40 : stb (2024-8f4d69d2ec)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-8f4d69d2ec advisory. Security fix for CVE-2023-45681 / CVE-2023-47212. Tenable has extracted the preceding description block directly from the Fedora security advisory...

CVSS 9.8 | AI score 7.6 | EPSS 0.00273
Exploits: 1 | References: 3
Talos Blog
added 2024/05/08 4:0 p.m., 34 views

Talos discloses multiple zero-day vulnerabilities, two of which could lead to code execution

Cisco Talos Vulnerability Research team recently disclosed three zero-day vulnerabilities that are still unpatched as of Wednesday, May 8. Two vulnerabilities in this group -- one in the Tinyproxy HTTP proxy daemon and another in the stb_vorbis.c file library -- could lead to arbitrary code...

CVSS 9.8 | AI score 9.5 | EPSS 0.79606
Exploits: 3
NVD
added 2024/05/01 4:15 p.m., 9 views

CVE-2023-47212

A heap-based buffer overflow vulnerability exists in the comment functionality of stb_vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...

CVSS 9.8 | AI score 9.5 | EPSS 0.00273
Exploits: 1 | References: 5
Talos
added 2024/05/01 12:0 a.m., 17 views

stb stb_vorbis.c comment heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1846: stb stb_vorbis.c comment heap-based buffer overflow vulnerability. May 1, 2024. CVE Number: CVE-2023-47212. Summary: A heap-based buffer overflow vulnerability exists in the comment functionality of stb_vorbis.c v1.22. A specially crafted .ogg file can lead to...

CVSS 9.8 | AI score 9.6 | EPSS 0.00273
Exploits: 1
Veracode
added 2023/10/26 7:53 a.m., 11 views

Double Free

libstb.so is vulnerable to Double Free. The vulnerability exists because the start_decoder function in stb_vorbis.c does not initialize the memory allocated for f->comment_list. This allows an attacker to craft a file that triggers an early return in the function, leading to setup_free being called on the...

CVSS 7.8 | AI score 7.4 | EPSS 0.0005
Exploits: 0 | References: 5 | Affected Software: 1
Veracode
added 2023/10/24 10:40 a.m., 16 views

Out-of-Bounds Write

libstb.so is vulnerable to Out-of-Bounds Writes. This vulnerability exists in the `f->vendor[len] = (char)'\0'` statement of stb_vorbis.c because it does not properly allocate memory, which allows an attacker to perform a heap-based buffer overflow via a crafted ogg vorbis file...

CVSS 7.8 | AI score 7.4 | EPSS 0.0005
Exploits: 0 | References: 6 | Affected Software: 1