Aggregates CVE and security vulnerability intelligence across all audiocoding-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk memory corruption and related problems; some flaws may lead to vendor impact application crash and vendor impact memory corruption.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-19504 | An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There is a NULL pointer dereference in ifilter_bank() in libfaad/filtbank.c. | [email protected] | 7.8 | 0.31% | 2018-11-23 | 2024-11-21 |
| CVE-2018-19503 | An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c. | [email protected] | 7.8 | 0.30% | 2018-11-23 | 2024-11-21 |
| CVE-2018-19502 | An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c. | [email protected] | 7.8 | 0.30% | 2018-11-23 | 2024-11-21 |
| CVE-2017-9257 | The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. | [email protected] | 5.5 | 0.26% | 2017-06-27 | 2026-05-13 |
| CVE-2017-9256 | The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. | [email protected] | 5.5 | 0.26% | 2017-06-27 | 2026-05-13 |
| CVE-2017-9255 | The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. | [email protected] | 5.5 | 0.26% | 2017-06-27 | 2026-05-13 |
| CVE-2017-9254 | The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. | [email protected] | 5.5 | 0.26% | 2017-06-27 | 2026-05-13 |
| CVE-2017-9253 | The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. | [email protected] | 5.5 | 0.26% | 2017-06-27 | 2026-05-13 |
| CVE-2017-9223 | The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file. | [email protected] | 5.5 | 0.24% | 2017-06-27 | 2026-05-13 |
| CVE-2017-9222 | The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file. | [email protected] | 5.5 | 0.26% | 2017-06-27 | 2026-05-13 |
| CVE-2017-9221 | The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file. | [email protected] | 5.5 | 0.24% | 2017-06-27 | 2026-05-13 |
| CVE-2017-9220 | The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error) via a crafted mp4 file. | [email protected] | 5.5 | 0.24% | 2017-06-27 | 2026-05-13 |
| CVE-2017-9219 | The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted mp4 file. | [email protected] | 5.5 | 0.24% | 2017-06-27 | 2026-05-13 |
| CVE-2017-9218 | The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file. | [email protected] | 5.5 | 0.24% | 2017-06-27 | 2026-05-13 |
| CVE-2017-9129 | The wav_open_read function in frontend/input.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of service (large loop) via a crafted wav file. | [email protected] | 5.5 | 0.81% | 2017-06-21 | 2026-05-13 |
| CVE-2008-4201 | Heap-based buffer overflow in the decodeMP4file function (frontend/main.c) in FAAD2 2.6.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MPEG-4 (MP4) file. | [email protected] | 9.3 | 6.55% | 2008-09-24 | 2026-04-23 |