Lucene search
K
AudiocodingFreeware Advanced Audio Decoder 2

15 matches found

cve
cve
added 2018/12/22 3:0 p.m.124 views

CVE-2018-20360

FAAD2 (libfaad) vulnerability CVE-2018-20360 arises from an invalid memory address dereference in sbr_process_channel (libfaad/sbr_dec.c), on FAAD2 2.8.8, causing segmentation fault and denial of service. Connected advisories confirm this issue among multiple FAAD2 CVEs and document patches acros...

5.5CVSS5.9AI score0.01128EPSS
cve
cve
added 2018/12/18 1:0 a.m.119 views

CVE-2018-20199

CVE-2018-20199 affects FAAD2 2.8.8 (libfaad/filtbank.c) with a NULL pointer dereference in ifilter_bank, causing segmentation fault and DoS due to mishandling in ONLY_LONG_SEQUENCE. Multiple advisories (Debian DSA-5109/DSA-1899, Debian DLA-2792, Gentoo GLSA-202006-17) document this and urge upgra...

5.5CVSS5.8AI score0.01128EPSS
cve
cve
added 2018/11/23 7:0 p.m.112 views

CVE-2018-19502

CVE-2018-19502 affects FAAD2 2.8.1: heap-based overflow in excluded_channels() (libfaad/syntax.c). Exploitation could enable denial of service via crafted MPEG AAC data. Advisory remediation: upgrade FAAD2 to at least 2.9.0 (per GLSA 202006-17) or equivalent Debian/DSA-4522/DLA-1899 guidance; Deb...

7.8CVSS7.6AI score0.01518EPSS
cve
cve
added 2018/12/22 3:0 p.m.110 views

CVE-2018-20357

CVE-2018-20357 affects FAAD2 (Freeware Advanced Audio Decoder) 2.8.8. The vulnerability is a NULL pointer dereference in sbr_process_channel (libfaad/sbr_dec.c) that can cause a segmentation fault and application crash. Mitigation is to upgrade FAAD2 to a newer version; Gentoo GLSA-202006-17 and ...

5.5CVSS5.4AI score0.01165EPSS
cve
cve
added 2018/12/18 1:0 a.m.109 views

CVE-2018-20196

CVE-2018-20196 affects FAAD2 (Freeware Advanced Audio Decoder) 2.8.8, with a stack-based buffer overflow in the third instance of calculate_gain (libfaad/sbr_hfadj.c) caused by mishandling the S_M array. The vulnerability could lead to denial of service or other unspecified impact. Public advisor...

7.8CVSS7.8AI score0.01281EPSS
cve
cve
added 2018/12/22 3:0 p.m.109 views

CVE-2018-20362

A vulnerability in FAAD2 2.8.8 (libfaad/filtbank.c: ifilter_bank) causes a NULL pointer dereference that leads to a segmentation fault and crash when adding to windowed output in the EIGHT_SHORT_SEQUENCE case. Affected software is FAAD2, with CVE-2018-20362 among multiple issues; remediation is t...

5.5CVSS6AI score0.01165EPSS
cve
cve
added 2018/12/18 1:0 a.m.106 views

CVE-2018-20197

CVE-2018-20197 refers to a stack-based buffer underflow in FAAD2 (Freeware Advanced Audio Decoder) 2.8.8, in the third instance of calculate_gain within libfaad/sbr_hfadj.c. A crafted input may cause denial of service or unspecified impact due to mishandling of the G_max > G case. Connected so...

7.8CVSS7.7AI score0.01317EPSS
cve
cve
added 2018/12/22 3:0 p.m.103 views

CVE-2018-20361

CVE-2018-20361 affects FAAD2 (Freeware Advanced Audio Decoder) 2.8.8, where an invalid memory address dereference in libfaad/sbr_hfadj.c:hf_assembly can trigger a segmentation fault and crash the application, leading to a denial of service. Connected sources confirm this vulnerability in FAAD2 an...

5.5CVSS5.3AI score0.01207EPSS
cve
cve
added 2018/12/18 1:0 a.m.98 views

CVE-2018-20194

CVE-2018-20194 affects FAAD2 (FAAD2 2.8.8) via a stack-based buffer underflow in the third instance of calculate_gain() in libfaad/sbr_hfadj.c. A crafted input can cause denial of service or other unspecified impact by mishandling G_max

7.8CVSS7.7AI score0.01324EPSS
cve
cve
added 2018/12/18 1:0 a.m.96 views

CVE-2018-20198

CVE-2018-20198 affects FAAD2 (libfaad) 2.8.8 with a NULL pointer dereference in ifilter_bank/filtbank.c, causing a segmentation fault and denial of service when handling LONG_START_SEQUENCE windowed output. Connected advisories confirm multiple FAAD2 vulnerabilities; remediation guidance across s...

5.5CVSS5.8AI score0.01207EPSS
cve
cve
added 2018/12/22 3:0 p.m.95 views

CVE-2018-20358

CVE-2018-20358 affects FAAD2 2.8.8; the invalid memory address dereference occurs in libfaad/lt_predict.c (lt_prediction) causing a segmentation fault and DoS. Publicly documented mitigations in connected sources include upgrading FAAD2 to 2.9.0 or newer (e.g., Gentoo GLSA-202006-17 recommends up...

5.5CVSS5.3AI score0.01154EPSS
cve
cve
added 2018/12/22 3:0 p.m.92 views

CVE-2018-20359

CVE-2018-20359 affects FAAD2 2.8.8, where an invalid memory address dereference in libfaad/sbr_dec.c (sbrDecodeSingleFramePS) can cause a segmentation fault and application crash, resulting in a denial of service. Public advisories in connected docs indicate multiple vendors track this in FAAD2 a...

5.5CVSS5.3AI score0.01165EPSS
cve
cve
added 2018/11/23 7:0 p.m.91 views

CVE-2018-19504

CVE-2018-19504 affects FAAD2 2.8.1, with a NULL pointer dereference in ifilter_bank() (libfaad/filtbank.c). Supported documents consistently describe this vulnerability across multiple feeds (NVD, CNVD, Debian DSAs, Gentoo GLSA) and indicate exposure in FAAD2; no exploit details are provided in t...

7.8CVSS7.3AI score0.01383EPSS
cve
cve
added 2018/11/23 7:0 p.m.89 views

CVE-2018-19503

CVE-2018-19503 affects FAAD2 2.8.1: a stack-based buffer overflow in libfaad/sbr_hfadj.c (calculate_gain) could enable denial of service or code execution. Several sources corroborate FAAD2 vulnerabilities; Debian GLSA/DSA recommendations urge upgrading to newer FAAD2 (e.g., 2.9.0+). If upgrading...

7.8CVSS7.6AI score0.0145EPSS
cve
cve
added 2018/12/18 1:0 a.m.83 views

CVE-2018-20195

CVE-2018-20195 affects FAAD2 up to version 2.8.8, where a NULL pointer dereference in ic_predict.c can cause a segmentation fault and denial of service. Public advisories (Debian DSA-4522, Gentoo GLSA-202006-17) recommend upgrading FAAD2 to a newer release (Gentoo: >= faad2-2.9.0). Other listi...

5.5CVSS5.3AI score0.01165EPSS