Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libsndfile project libsndfile 1.0.28 vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2017-14245
An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
5.8
CVSSv2
CVE-2017-14246
An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2017-12562
Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile up to and including 1.0.28 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2018-19432
An issue exists in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
5.8
CVSSv2
CVE-2018-19662
An issue exists in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2017-7741
In libsndfile prior to 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Libsndfile Project Libsndfile
4.3
CVSSv2
CVE-2017-7742
In libsndfile prior to 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Libsndfile Project Libsndfile
4.3
CVSSv2
CVE-2017-7585
In libsndfile prior to 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Libsndfile Project Libsndfile
1.9
CVSSv2
CVE-2019-3832
It exists the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
4.3
CVSSv2
CVE-2017-7586
In libsndfile prior to 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Libsndfile Project Libsndfile
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »