Xiph.Org
Products 13
- 17 CVEs
- 16 CVEs
- 6 CVEs
- 3 CVEs
- 3 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs 50

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14632 | | Cri | 0.64 | 9.8 | 0.06 | | Sep 21, 2017 | Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. |
| CVE-2017-14160 | | Hig | 0.58 | 8.8 | 0.05 | | Sep 21, 2017 | The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file. |
| CVE-2018-10392 | | Hig | 0.57 | 8.8 | 0.03 | | Apr 26, 2018 | mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. |
| CVE-2026-34253 | | Hig | 0.53 | 8.2 | 0.01 | | May 15, 2026 | A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow… |
| CVE-2018-10393 | | Hig | 0.49 | 7.5 | 0.02 | | Apr 26, 2018 | bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. |
| CVE-2017-14633 | | Med | 0.42 | 6.5 | 0.02 | | Sep 21, 2017 | In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). |
| CVE-2017-11548 | | Med | 0.39 | 5.5 | 0.04 | | Jul 31, 2017 | The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service (memory corruption) via a crafted MP3 file. |
| CVE-2017-11333 | | Med | 0.39 | 5.5 | 0.05 | | Jul 31, 2017 | The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file. |
| CVE-2017-11331 | | Med | 0.39 | 5.5 | 0.04 | | Jul 31, 2017 | The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file. |
| CVE-2026-5673 | | Med | 0.29 | 5.6 | 0.00 | | Apr 6, 2026 | A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the AVI (Audio Video Interleave) parser, specifically in the avi_parse_input_file() function. A local attacker could exploit this by tricking a user into opening a specially crafted AVI… |
| CVE-2004-1561 | | | 0.09 | — | 0.78 | | Dec 31, 2004 | Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers. |
| CVE-2018-18820 | | | 0.05 | — | 0.49 | | Nov 5, 2018 | A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote… |
| CVE-2005-0838 | | | 0.04 | — | 0.09 | | May 2, 2005 | Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow attackers to cause a denial of service and possibly execute arbitrary code via (1) a long test value in an xsl:when tag, (2) a long test value in an xsl:if tag, or (3) a long select value in an xsl:value-of… |
| CVE-2002-0177 | | | 0.04 | — | 0.10 | | Apr 22, 2002 | Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client. |
| CVE-2001-0784 | | | 0.04 | — | 0.09 | | Oct 18, 2001 | Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters. |
| CVE-2001-1083 | | | 0.04 | — | 0.10 | | Jun 26, 2001 | Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash). |
| CVE-2001-0197 | | | 0.04 | — | 0.13 | | Mar 26, 2001 | Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands. |
| CVE-2002-1982 | | | 0.03 | — | 0.03 | | Dec 31, 2002 | Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote attackers to determine if a directory exists via a .. (dot dot) in the GET request, which returns different error messages depending on whether the directory exists or not. |
| CVE-2024-56431 | | | 0.01 | — | 0.02 | | Dec 25, 2024 | oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash. |
| CVE-2014-9028 | | | 0.01 | — | 0.10 | | Nov 26, 2014 | Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file. |