Xiph.Org

All CVEs

50 total · sorted by risk
  • CVE-2017-14632 · Critical · Sep 21, 2017
    risk 0.64 · cvss 9.8 · epss 0.06

    Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.

  • CVE-2017-14160 · High · Sep 21, 2017
    risk 0.58 · cvss 8.8 · epss 0.05

    The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file.

  • CVE-2018-10392 · High · Apr 26, 2018
    risk 0.57 · cvss 8.8 · epss 0.03

    mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.

  • CVE-2026-34253 · High · May 15, 2026
    risk 0.53 · cvss 8.2 · epss 0.01

    A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow…

  • CVE-2018-10393 · High · Apr 26, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.

  • CVE-2017-14633 · Medium · Sep 21, 2017
    risk 0.42 · cvss 6.5 · epss 0.02

    In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis().

  • CVE-2017-11548 · Medium · Jul 31, 2017
    risk 0.39 · cvss 5.5 · epss 0.04

    The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service (memory corruption) via a crafted MP3 file.

  • CVE-2017-11333 · Medium · Jul 31, 2017
    risk 0.39 · cvss 5.5 · epss 0.05

    The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file.

  • CVE-2017-11331 · Medium · Jul 31, 2017
    risk 0.39 · cvss 5.5 · epss 0.04

    The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.

  • CVE-2026-5673 · Medium · Apr 6, 2026
    risk 0.29 · cvss 5.6 · epss 0.00

    A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the AVI (Audio Video Interleave) parser, specifically in the avi_parse_input_file() function. A local attacker could exploit this by tricking a user into opening a specially crafted AVI…

  • CVE-2004-1561 · Dec 31, 2004
    risk 0.09 · cvss · epss 0.78

    Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers.

  • CVE-2018-18820 · Nov 5, 2018
    risk 0.05 · cvss · epss 0.49

    A buffer overflow was discovered in the URL-authentication backend of Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote…

  • CVE-2005-0838 · May 2, 2005
    risk 0.04 · cvss · epss 0.09

    Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow attackers to cause a denial of service and possibly execute arbitrary code via (1) a long test value in an xsl:when tag, (2) a long test value in an xsl:if tag, or (3) a long select value in an xsl:value-of…

  • CVE-2002-0177 · Apr 22, 2002
    risk 0.04 · cvss · epss 0.10

    Buffer overflows in icecast 1.3.11 and earlier allow remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client.

  • CVE-2001-0784 · Oct 18, 2001
    risk 0.04 · cvss · epss 0.09

    Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters.

  • CVE-2001-1083 · Jun 26, 2001
    risk 0.04 · cvss · epss 0.10

    Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash).

  • CVE-2001-0197 · Mar 26, 2001
    risk 0.04 · cvss · epss 0.13

    Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands.

  • CVE-2002-1982 · Dec 31, 2002
    risk 0.03 · cvss · epss 0.03

    Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote attackers to determine if a directory exists via a .. (dot dot) in the GET request, which returns different error messages depending on whether the directory exists or not.

  • CVE-2024-56431 · Dec 25, 2024
    risk 0.01 · cvss · epss 0.02

    oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash.

  • CVE-2014-9028 · Nov 26, 2014
    risk 0.01 · cvss · epss 0.10

    Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.

  • CVE-2008-1420 · May 16, 2008
    risk 0.01 · cvss · epss 0.06

    Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow.

  • CVE-2008-1423 · May 16, 2008
    risk 0.01 · cvss · epss 0.08

    Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a…

  • CVE-2020-22219 · Aug 22, 2023
    risk 0.00 · cvss · epss 0.01

    Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder.

  • CVE-2022-47021 · Jan 20, 2023
    risk 0.00 · cvss · epss 0.00

    A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 through 0.12, allowing attackers to cause denial of service or other unspecified impacts.

  • CVE-2020-23904 · Nov 10, 2021
    risk 0.00 · cvss · epss 0.01

    A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program."

  • CVE-2020-23903 · Nov 10, 2021
    risk 0.00 · cvss · epss 0.01

    A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.

  • CVE-2020-20412 · Dec 26, 2020
    risk 0.00 · cvss · epss 0.01

    lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146.

  • CVE-2015-6749 · Sep 21, 2015
    risk 0.00 · cvss · epss 0.04

    Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.

  • CVE-2015-3026 · Apr 29, 2015
    risk 0.00 · cvss · epss 0.04

    Icecast before 2.4.2, when a stream_auth handler is defined for URL authentication, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request without login credentials, as demonstrated by a request to…

  • CVE-2014-9640 · Jan 23, 2015
    risk 0.00 · cvss · epss 0.03

    oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.

  • CVE-2014-9639 · Jan 23, 2015
    risk 0.00 · cvss · epss 0.04

    Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.

  • CVE-2014-9638 · Jan 23, 2015
    risk 0.00 · cvss · epss 0.04

    oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.

  • CVE-2014-9091 · Dec 10, 2014
    risk 0.00 · cvss · epss 0.00

    Icecast before 2.4.0 does not change the supplementary group privileges when is configured, which allows local users to gain privileges via unspecified vectors.

  • CVE-2014-9018 · Dec 3, 2014
    risk 0.00 · cvss · epss 0.03

    Icecast before 2.4.1 transmits the output of the on-connect script, which might allow remote attackers to obtain sensitive information, related to shared file descriptors.

  • CVE-2011-4612 · Nov 20, 2012
    risk 0.00 · cvss · epss 0.02

    icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error log (error.log) via a crafted URL.

  • CVE-2009-3389 · Dec 17, 2009
    risk 0.00 · cvss · epss 0.05

    Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.

  • CVE-2009-3379 · Oct 29, 2009
    risk 0.00 · cvss · epss 0.05

    Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663.

  • CVE-2008-1419 · May 16, 2008
    risk 0.00 · cvss · epss 0.04

    Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow.

  • CVE-2008-2009 · May 16, 2008
    risk 0.00 · cvss · epss 0.04

    Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function.

  • CVE-2008-1686 · Apr 8, 2008
    risk 0.00 · cvss · epss 0.06

    Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a…

  • CVE-2007-4066 · Sep 21, 2007
    risk 0.00 · cvss · epss 0.02

    Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an…

  • CVE-2007-4065 · Sep 21, 2007
    risk 0.00 · cvss · epss 0.02

    lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted OGG file, aka trac Changeset 13217.

  • CVE-2007-4029 · Jul 26, 2007
    risk 0.00 · cvss · epss 0.02

    libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service via (1) an invalid mapping type, which triggers an out-of-bounds read in the vorbis_info_clear function in info.c, and (2) invalid blocksize values that…

  • CVE-2007-3106 · Jul 26, 2007
    risk 0.00 · cvss · epss 0.03

    lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize_0 and (2) blocksize_1 values, which trigger a "heap overwrite" in the _01inverse…

  • CVE-2007-1344 · Mar 8, 2007
    risk 0.00 · cvss · epss 0.06

    Multiple buffer overflows in src/ezstream.c in Ezstream before 0.3.0 allow remote attackers to execute arbitrary code via a crafted XML configuration file processed by the (1) urlParse function, which causes a stack-based overflow and the (2) ReplaceString function, which causes…

  • CVE-2005-0837 · May 2, 2005
    risk 0.00 · cvss · epss 0.02

    IceCast 2.20 allows remote attackers to bypass the XSL parser and obtain the source for XSL files via a request for a .xsl file with a trailing . (dot).

  • CVE-2004-0781 · Oct 20, 2004
    risk 0.00 · cvss · epss 0.01

    Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast internal web server (icecast-server) 1.3.12 and earlier allows remote attackers to inject arbitrary web script via the UserAgent parameter.

  • CVE-2004-2027 · May 10, 2004
    risk 0.00 · cvss · epss 0.02

    Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a long Basic Authorization header that triggers an out-of-bounds read.

  • CVE-2001-1230 · Mar 13, 2001
    risk 0.00 · cvss · epss 0.03

    Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.

  • CVE-2001-1229 · Mar 12, 2001
    risk 0.00 · cvss · epss 0.03

    Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.