Lucene search
K
Faad2 ProjectFaad2

9 matches found

CVE
CVE
•added 2021/09/20 3:26 p.m.•133 views

CVE-2021-32278

CVE-2021-32278 affects FAAD2 up to version 2.10.0, with a heap-buffer-overflow in lt_prediction (lt_predict.c) that can lead to code execution. Connected bulletins confirm the issue and link it to FAAD2 across multiple distributions. Advisories (Debian DSA-5109, Debian DLA-2792, Ubuntu USN-6313-1...

7.8CVSS7.3AI score0.01225EPSS
CVE
CVE
•added 2023/08/15 12:0 a.m.•133 views

CVE-2023-38858

FAAD2 (v2.10.1) is affected by a Buffer Overflow via the mp4read.c:1039 path in the mp4info function, enabling remote code execution and a denial of service. Public references across multiple feeds confirm the CVE-2023-38858 issue; Gentoo GLSA 202401-13 recommends upgrading to faad2-2.11.0 or lat...

6.5CVSS6.9AI score0.00898EPSS
CVE
CVE
•added 2021/09/20 3:26 p.m.•123 views

CVE-2021-32277

CVE-2021-32277 affects faad2 up to version 2.10.0. The vulnerability is a heap-buffer-overflow in sbr_qmf_analysis_32 (sbr_qmf.c) that can allow code execution. Multiple connected advisories reference FAAD2 and this CVE, confirming the same underlying issue across Debian/Ubuntu/Nessus entries. Th...

7.8CVSS7.3AI score0.01219EPSS
CVE
CVE
•added 2021/09/20 3:26 p.m.•122 views

CVE-2021-32276

CVE-2021-32276 concerns Faad2 up to version 2.10.0. Affected component: libfaad, specifically the function get_sample() in output.c. Root cause: NULL pointer dereference, which can be triggered to cause Denial of Service. Documented impact is partial availability degradation via DoS. Exploitation...

5.5CVSS5.9AI score0.00885EPSS
CVE
CVE
•added 2021/09/20 3:26 p.m.•115 views

CVE-2021-32274

FAAD2 (faad2) versions up to 2.10.0 are affected by a heap-buffer-overflow in sbr_qmf_synthesis_64 (sbr_qmf.c), enabling potential code execution. This CVE (CVE-2021-32274) is referenced in multiple advisories (Debian/Ubuntu/DLA/DLA-2792, USN 6313-1) indicating a patch is available in newer faad2...

7.8CVSS7.3AI score0.01225EPSS
CVE
CVE
•added 2021/09/20 3:26 p.m.•110 views

CVE-2021-32272

CVE-2021-32272 affects FAAD2 up to version 2.10.0. A heap-buffer-overflow in function stszin (mp4read.c) can allow a remote attacker to achieve Code Execution . Affected: faad2 before 2.10.0. Root cause: heap-buffer-overflow in mp4read.c. Impact: code execution. Remediation: upgrade to 2.10.0 or ...

7.8CVSS7.3AI score0.01218EPSS
CVE
CVE
•added 2021/09/20 3:26 p.m.•107 views

CVE-2021-32273

FAAD2

7.8CVSS7.3AI score0.01093EPSS
CVE
CVE
•added 2021/02/26 9:45 p.m.•97 views

CVE-2021-26567

Summary: CVE-2021-26567 is a stack-based buffer overflow in the FAAD2 decoder (frontend/main.c) of faad2 prior to 2.2.7.1. The vulnerability allows a local attacker to execute arbitrary code via crafted filename and pathname options. Affected context is mainly Synology DiskStation Manager (faad2 ...

7.8CVSS8.6AI score0.01129EPSS
CVE
CVE
•added 2023/08/15 12:0 a.m.•65 views

CVE-2023-38857

FAAD2 v2.10.1 is affected by CVE-2023-38857 (Buffer Overflow) via the stcoin code path in mp4read.c, enabling potential remote code execution and denial of service. Connected advisories confirm FAAD2 vulnerabilities and recommend upgrading to a newer release. Gentoo GLSA-202401-13 instructs upgra...

5.5CVSS6.3AI score0.00523EPSS