109 matches found
Astra Linux - уязвимость в libcue
Libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and earlier are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a CUE sheet from a malicious webpage. Since the file is saved to /Downloads, it...
Low: tracker-miners
Issue Overview: A flaw was found in GNOME localsearch MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead to a heap buffer overflow. This vulnerability allows a remote attacker to cause a Denial ...
📄 tracker-extract 3.8.2 / tracker-miners 3.x Crash
Proof of concept exploit for tracker-extract version 3.8.2 and tracker-miners version 3.x that demonstrates a crash when parsing oversized or malformed frames from MP3/APEv2 tags...
openSUSE Security Advisory (SUSE-SU-2026:0780-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : tracker-miners (SUSE-SU-2026:0780-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0780-1 advisory. - CVE-2026-1764: heap buffer overflow leads to denial of service or information disclosure when...
Security update for tracker-miners
This update for tracker-miners fixes the following issues: CVE-2026-1764: heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files bsc1257606. CVE-2026-1765: denial of Service and potential information disclosure via crafted MP3 files bsc1257607...
Ubuntu: Security Advisory (USN-8019-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : tracker-miners vulnerabilities (USN-8019-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8019-1 advisory. Fatih elik discovered that tracker-miners incorrectly handled certain malformed MP3 files. An attacker could use this issue to cause...
USN-8019-1 tracker-miners vulnerabilities
Fatih Çelik discovered that tracker-miners incorrectly handled certain malformed MP3 files. An attacker could use this issue to cause tracker-miners to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-8019-1: tracker-miners vulnerabilities
Fatih Çelik discovered that tracker-miners incorrectly handled certain malformed MP3 files. An attacker could use this issue to cause tracker-miners to crash, resulting in a denial of service, or possibly execute arbitrary code...
Linux Distros Unpatched Vulnerability : CVE-2026-1767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - localsearch - None tracker-miners - None Red Hat Enterprise Linux - localsearch: tracker- miners: GNOME localsearch MP3 Extractor: Heap buffer...
Linux Distros Unpatched Vulnerability : CVE-2026-1764
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - localsearch - None tracker-miners - None Red Hat Enterprise Linux - localsearch: tracker- miners: GNOME localsearch MP3 Extractor: Heap buffer...
MiracleLinux 9 : tracker-miners-3.1.2-4.el9_3 (AXSA:2023-7044:02)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7044:02 advisory. tracker-miners: sandbox escape CVE-2023-5557 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note tha...
MiracleLinux 8 : tracker-miners-2.1.5-2.el8_9.1 (AXSA:2024-7359:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7359:01 advisory. tracker-miners: sandbox escape CVE-2023-5557 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note tha...
PT-2026-6842
Name of the Vulnerable Software and Affected Versions GNOME affected versions not specified Description A flaw exists in the GNOME localsearch MP3 Extractor, specifically within tracker-miners. Incorrect handling of malformed MP3 files can lead to a denial of service, potentially allowing for...
PT-2026-6839
Name of the Vulnerable Software and Affected Versions tracker-miners affected versions not specified Description A flaw exists in tracker-miners related to the handling of malformed MP3 files. This issue could allow an attacker to cause tracker-miners to crash, leading to a denial of service. The...
PT-2026-6841
Name of the Vulnerable Software and Affected Versions tracker-miners affected versions not specified Description A flaw exists in tracker-miners related to the handling of malformed MP3 files. Specifically, the software incorrectly processes certain MP3 files, potentially leading to a denial of...
PT-2026-6840
Name of the Vulnerable Software and Affected Versions GNOME localsearch MP3 Extractor affected versions not specified Description A flaw exists in tracker-miners where it incorrectly processes malformed MP3 files. This can lead to a denial of service, potentially causing the application to crash...
TencentOS Server 3: tracker-miners (TSSA-2023:0320)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0320 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
EUVD-2023-57857
Malicious code in bioql PyPI...