CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-15296 – Debian Security Advisory 4522-1
https://notcve.org/view.php?id=CVE-2019-15296
21 Aug 2019 — An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The faad_resetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined by ld->buffer_size - words*4, cast to uint32. If ld->buffer_size - words*4 is negative, a buffer overflow is later performed via getdword_n(&ld->start[words], ld->bytes_left). Permisos inapropiados en el instalador para Intel® Remote Displays SDK versiones anteriores a 2.0.1 R2, pueden permitir a ... • https://github.com/knik0/faad2/commit/942c3e0aee748ea6fe97cb2c1aa5893225316174 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 1CVE-2019-6956 – Debian Security Advisory 5109-1
https://notcve.org/view.php?id=CVE-2019-6956
25 Jan 2019 — An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c. Se ha descubierto un problema en la versión 2.8.8 de Freeware Advanced Audio Decoder 2 (FAAD2). Se trata de una sobrelectura de búfer en ps_mix_phase en libfaad/ps_dec.c. Multiple vulnerabilities have been discovered in the freeware Advanced Audio Decoder, which may result in denial of service or potentially the execution of arbitrary code if malformed media files are pro... • https://github.com/TeamSeri0us/pocs/blob/master/faad/global-buffer-overflow%40ps_mix_phase.md • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20362 – Debian Security Advisory 4522-1
https://notcve.org/view.php?id=CVE-2018-20362
22 Dec 2018 — A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in the EIGHT_SHORT_SEQUENCE case. Se ha descubierto una desreferencia de puntero NULL en ifilter_bank de libfaad/filtbank.c en Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Esta vulnerabilidad causa un error de segmentación y el cierre inesperado de la aplicaci... • https://github.com/knik0/faad2/issues/26 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20357 – Debian Security Advisory 4522-1
https://notcve.org/view.php?id=CVE-2018-20357
22 Dec 2018 — A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash. Se ha descubierto una desreferencia de puntero NULL en sbr_process_channel de libfaad/sbr_dec.c en Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Esta vulnerabilidad causa un error de segmentación y el cierre inesperado de la aplicación. Multiple vulnerabilities have been discovered in faad2, the Freew... • https://github.com/knik0/faad2/issues/28 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-20360 – Debian Security Advisory 5109-1
https://notcve.org/view.php?id=CVE-2018-20360
22 Dec 2018 — An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. Se ha descubierto una desreferencia de dirección de memoria inválida en la función sbr_process_channel de libfaad/sbr_dec.c en Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Esta vulnerabilidad causa un error de segmentación y el cierre inespera... • https://github.com/knik0/faad2/issues/32 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20358 – Debian Security Advisory 4522-1
https://notcve.org/view.php?id=CVE-2018-20358
22 Dec 2018 — An invalid memory address dereference was discovered in the lt_prediction function of libfaad/lt_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. Se ha descubierto una desreferencia de puntero NULL en la función lt_prediction de libfaad/lt_predict.c en Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Esta vulnerabilidad causa un error de segmentación y el cierre inesperado de la aplicación, lo... • https://github.com/knik0/faad2/issues/31 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20361 – Debian Security Advisory 4522-1
https://notcve.org/view.php?id=CVE-2018-20361
22 Dec 2018 — An invalid memory address dereference was discovered in the hf_assembly function of libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. Se ha descubierto una desreferencia de dirección de memoria inválida en la función hf_assembly de libfaad/sbr_hfadj.c en Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Esta vulnerabilidad causa un error de segmentación y el cierre inesperado de la apl... • https://github.com/knik0/faad2/issues/30 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20359 – Debian Security Advisory 4522-1
https://notcve.org/view.php?id=CVE-2018-20359
22 Dec 2018 — An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. Se ha descubierto una desreferencia de dirección de memoria inválida en la función sbrDecodeSingleFramePS de libfaad/sbr_dec.c en Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Esta vulnerabilidad causa un error de segmentación y el cierre in... • https://github.com/knik0/faad2/issues/29 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-20199 – Debian Security Advisory 5109-1
https://notcve.org/view.php?id=CVE-2018-20199
18 Dec 2018 — A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the ONLY_LONG_SEQUENCE case. Se ha descubierto una desreferencia de puntero NULL en ifilter_bank de libfaad/filtbank.c en Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Esta vulnerabilidad causa un error de segmentación y el ... • https://github.com/knik0/faad2/issues/24 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20197 – Debian Security Advisory 4522-1
https://notcve.org/view.php?id=CVE-2018-20197
18 Dec 2018 — There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy level is mishandled for the G_max > G case. Hay un subdesbordamiento de búfer basado en pila en la tercera instancia de la función calculate_gain en libfaad/sbr_hfadj.c en Freeware Advanced Audio Decoder 2 (FAAD2)... • https://github.com/knik0/faad2/issues/20 • CWE-787: Out-of-bounds Write •