Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected.

Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modarg

An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a byp

The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers

The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and perm

Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a h

The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) set

PulseAudio 0.9.5 allows remote attackers to cause a denial of service (daemon crash) via (1) a PA_PSTREAM_DESCRIPTOR_LENGTH value