Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libsndfile project libsndfile vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2021-4156
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bou...
Libsndfile Project Libsndfile 1.1.10
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2018-19758
There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-19661
An issue exists in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-19432
An issue exists in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-13419
An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue
Libsndfile Project Libsndfile 1.0.28
6.5
CVSSv3
CVE-2017-16942
In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file.
Libsndfile Project Libsndfile 1.0.25
6.5
CVSSv3
CVE-2017-14634
In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2017-8365
The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote malicious users to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2017-8362
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote malicious users to cause a denial of service (invalid read and application crash) via a crafted audio file.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2017-8363
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »