← Back

Flac

flac

6 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Libflac
libflac
6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2014-9028
1Flac
1Libflac
May 6, 2026
Nov 26, 2014
N/A· v4
N/A· v3
7.5 HIGH· v2
Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
CVE-2014-8962
1Flac
1Libflac
May 6, 2026
Nov 26, 2014
N/A· v4
N/A· v3
7.5 HIGH· v2
Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
CVE-2007-6279
1Flac
1Libflac
Apr 23, 2026
Dec 7, 2007
N/A· v4
N/A· v3
9.3 HIGH· v2
Multiple double free vulnerabilities in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed (1) Seektable values or (2) Seektable Data Offset...Show more
Multiple double free vulnerabilities in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed (1) Seektable values or (2) Seektable Data Offsets in a .FLAC file.Show less
CVE-2007-6278
1Flac
1Libflac
Apr 23, 2026
Dec 7, 2007
N/A· v4
N/A· v3
9.3 HIGH· v2
Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag (-->) for the FLAC image file in a crafted .FLAC file.
CVE-2007-6277
1Flac
1Libflac
Apr 23, 2026
Dec 7, 2007
N/A· v4
N/A· v3
9.3 HIGH· v2
Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Pic...Show more
Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size, (4) Picture Description Size, (5) Picture Data Length, (6) Padding Length, and (7) PICTURE Metadata width and height values in a .FLAC file, which result in a heap-based overflow; and large (8) VORBIS Comment String Size Length, (9) Picture MIME-Type, (10) Picture MIME-Type URL, and (11) Picture Description Length values in a .FLAC file, which result in a stack-based overflow. NOTE: some of these issues may overlap CVE-2007-4619.Show less
CVE-2007-4619
2Flac
Nullsoft
2Libflac
Winamp
Apr 23, 2026
Oct 12, 2007
N/A· v4
N/A· v3
9.3 HIGH· v2
Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC fi...Show more
Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow.Show less