Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 39 results


CVE-2023-38858

Medium priority

Some fixes available 4 of 7

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039.

1 affected packages

faad2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
faad2 Needs evaluation Not affected Fixed Fixed Fixed
Show less packages

CVE-2023-38857

Medium priority

Some fixes available 4 of 7

Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.

1 affected packages

faad2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
faad2 Needs evaluation Not affected Fixed Fixed Fixed
Show less packages

CVE-2021-32278

Medium priority

Some fixes available 4 of 16

An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function lt_prediction located in lt_predict.c. It allows an attacker to cause code Execution.

3 affected packages

faad2, welle.io, xine-lib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
faad2 Not affected Not affected Fixed Fixed Fixed
welle.io Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
xine-lib Not in release Not in release Not in release Not in release Ignored
Show less packages

CVE-2021-32277

Medium priority

Some fixes available 4 of 16

An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It allows an attacker to cause code Execution.

3 affected packages

faad2, welle.io, xine-lib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
faad2 Not affected Not affected Fixed Fixed Fixed
welle.io Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
xine-lib Not in release Not in release Not in release Not in release Ignored
Show less packages

CVE-2021-32276

Medium priority

Some fixes available 4 of 16

An issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an attacker to cause Denial of Service.

3 affected packages

faad2, welle.io, xine-lib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
faad2 Not affected Not affected Fixed Fixed Fixed
welle.io Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
xine-lib Not in release Not in release Not in release Not in release Ignored
Show less packages

CVE-2021-32274

Medium priority

Some fixes available 4 of 16

An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code Execution.

3 affected packages

faad2, welle.io, xine-lib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
faad2 Not affected Not affected Fixed Fixed Fixed
welle.io Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
xine-lib Not in release Not in release Not in release Not in release Ignored
Show less packages

CVE-2021-32273

Medium priority

Some fixes available 4 of 16

An issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. It allows an attacker to cause Code Execution.

3 affected packages

faad2, welle.io, xine-lib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
faad2 Not affected Not affected Fixed Fixed Fixed
welle.io Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
xine-lib Not in release Not in release Not in release Not in release Ignored
Show less packages

CVE-2021-32272

Medium priority

Some fixes available 4 of 16

An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code Execution.

3 affected packages

faad2, welle.io, xine-lib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
faad2 Not affected Not affected Fixed Fixed Fixed
welle.io Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
xine-lib Not in release Not in release Not in release Not in release Ignored
Show less packages

CVE-2019-15296

Medium priority

Some fixes available 1 of 4

An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The faad_resetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined...

1 affected packages

faad2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
faad2 Not affected Not affected Not affected Vulnerable Vulnerable
Show less packages

CVE-2019-5459

Medium priority
Needs evaluation

An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.

2 affected packages

faad2, vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
faad2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vlc Not affected Not affected Not affected Not affected Not affected
Show less packages