EUVD-2022-49799
Malicious code in bioql PyPI...
openSUSE 15 Security Update : opusfile (openSUSE-SU-2024:0013-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2024:0013-1 advisory. - A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cau...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : Opusfile vulnerability (USN-5937-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5937-1 advisory. It was discovered that Opusfile was not properly validating pointer arguments in some of its functions, which could lead to a...
SUSE CVE-2019-14437
The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file...
SUSE CVE-2019-14438
A heap-based buffer over-read in xiph_PackHeaders in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file...
Fedora 37 : opusfile (2023-6d18f920d2)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-6d18f920d2 advisory. Add upstream fix for CVE-2022-47021. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...
ROS-20230130-02
A vulnerability in the opusfile stream decoder library is related to null pointer dereferencing in the op_get_data and op_open1 functions in opusfile.c in xiph. Exploitation of the vulnerability could allow an attacker, acting remotely, to transfer specially crafted data to an application and perform a...
CVE-2022-47021
A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts...
CVE-2022-47021
CVE-2022-47021 concerns a NULL pointer dereference in opusfile.c (functions op_get_data and op_open1) of xiph opusfile versions 0.9–0.12, enabling denial of service or unspecified impact. Connected advisories confirm public fixes in package streams (e.g., Mageia update and Fedora update notes), i...
Xiph Libvorbis Input Validation Error Vulnerability
Xiph Libvorbis is a tool from the Xiph Foundation that can be used to encode and decode audio. The tool has a common music encoding format built in. An input validation error vulnerability exists in versions of Xiph Libvorbis prior to 1.3.6, which stems from lib/codebook.c not performing array bounds checkin...
DEBIAN-CVE-2014-9630
The rtp_packetize_xiph_config function in modules/streamout/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified...
UBUNTU-CVE-2014-9630
The rtp_packetize_xiph_config function in modules/streamout/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified...
DEBIAN-CVE-2019-14438
A heap-based buffer over-read in xiph_PackHeaders in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file...
UBUNTU-CVE-2019-14438
A heap-based buffer over-read in xiph_PackHeaders in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file...
UBUNTU-CVE-2019-14437
The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file...
VideoLAN VLC media player resource management error vulnerability (CNVD-2019-31070)
VideoLAN VLC media player is a free, open source, cross-platform multimedia player and multimedia framework from the VideoLAN organization in France. The product supports the playback of a variety of media files, CD-ROMs, etc., and a variety of audio and video formats such as WMV and MP3. A resource...
VideoLAN VLC media player buffer overflow vulnerability (CNVD-2019-31069)
VideoLAN VLC media player is a free, open source, cross-platform multimedia player and multimedia framework from the VideoLAN organization in France. The product supports the playback of a variety of media files, CD-ROMs, etc., and a variety of audio and video formats such as WMV and MP3. A buffer error...
Out-of-bounds Read
Overview: Affected versions of this package are vulnerable to Out-of-bounds Read. bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. Remediation: There is no fixed version for vorbis. References: Gitlab.xiph.org...