Search CVE reports
1 – 10 of 39 results
CVE-2023-38858
Medium prioritySome fixes available 4 of 7
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039.
1 affected packages
faad2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| faad2 | Needs evaluation | Not affected | Fixed | Fixed | Fixed |
CVE-2023-38857
Medium prioritySome fixes available 4 of 7
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.
1 affected packages
faad2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| faad2 | Needs evaluation | Not affected | Fixed | Fixed | Fixed |
CVE-2021-32278
Medium prioritySome fixes available 4 of 16
An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function lt_prediction located in lt_predict.c. It allows an attacker to cause code Execution.
3 affected packages
faad2, welle.io, xine-lib
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| faad2 | Not affected | Not affected | Fixed | Fixed | Fixed |
| welle.io | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
| xine-lib | Not in release | Not in release | Not in release | Not in release | Ignored |
CVE-2021-32277
Medium prioritySome fixes available 4 of 16
An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It allows an attacker to cause code Execution.
3 affected packages
faad2, welle.io, xine-lib
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| faad2 | Not affected | Not affected | Fixed | Fixed | Fixed |
| welle.io | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
| xine-lib | Not in release | Not in release | Not in release | Not in release | Ignored |
CVE-2021-32276
Medium prioritySome fixes available 4 of 16
An issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an attacker to cause Denial of Service.
3 affected packages
faad2, welle.io, xine-lib
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| faad2 | Not affected | Not affected | Fixed | Fixed | Fixed |
| welle.io | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
| xine-lib | Not in release | Not in release | Not in release | Not in release | Ignored |
CVE-2021-32274
Medium prioritySome fixes available 4 of 16
An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code Execution.
3 affected packages
faad2, welle.io, xine-lib
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| faad2 | Not affected | Not affected | Fixed | Fixed | Fixed |
| welle.io | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
| xine-lib | Not in release | Not in release | Not in release | Not in release | Ignored |
CVE-2021-32273
Medium prioritySome fixes available 4 of 16
An issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. It allows an attacker to cause Code Execution.
3 affected packages
faad2, welle.io, xine-lib
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| faad2 | Not affected | Not affected | Fixed | Fixed | Fixed |
| welle.io | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
| xine-lib | Not in release | Not in release | Not in release | Not in release | Ignored |
CVE-2021-32272
Medium prioritySome fixes available 4 of 16
An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code Execution.
3 affected packages
faad2, welle.io, xine-lib
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| faad2 | Not affected | Not affected | Fixed | Fixed | Fixed |
| welle.io | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
| xine-lib | Not in release | Not in release | Not in release | Not in release | Ignored |
CVE-2019-15296
Medium prioritySome fixes available 1 of 4
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The faad_resetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined...
1 affected packages
faad2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| faad2 | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
CVE-2019-5459
Medium priorityAn Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
2 affected packages
faad2, vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| faad2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vlc | Not affected | Not affected | Not affected | Not affected | Not affected |