Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libsndfile project libsndfile vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-33064
An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an malicious user to execute arbitrary code, Denial of Service or other unspecified impacts.
Libsndfile Project Libsndfile 1.1.0
7.8
CVSSv3
CVE-2022-33065
Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an malicious user to cause Denial of Service or other unspecified impacts.
Libsndfile Project Libsndfile -
7.1
CVSSv3
CVE-2021-4156
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bou...
Libsndfile Project Libsndfile 1.1.10
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2021-3246
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows malicious users to execute arbitrary code via a crafted WAV file.
Libsndfile Project Libsndfile 1.0.30
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2019-3832
It exists the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
6.5
CVSSv3
CVE-2018-19758
There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
8.1
CVSSv3
CVE-2018-19662
An issue exists in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-19661
An issue exists in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-19432
An issue exists in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-13419
An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue
Libsndfile Project Libsndfile 1.0.28
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »