Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wavpack vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-10536
An issue exists in WavPack 5.1.0 and previous versions. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks.
Wavpack Wavpack
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2018-10537
An issue exists in WavPack 5.1.0 and previous versions. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.
Wavpack Wavpack
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2018-10538
An issue exists in WavPack 5.1.0 and previous versions for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within ...
Wavpack Wavpack
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2018-10539
An issue exists in WavPack 5.1.0 and previous versions for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection ...
Wavpack Wavpack
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2018-10540
An issue exists in WavPack 5.1.0 and previous versions for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection wit...
Wavpack Wavpack
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2018-7253
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote malicious user to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file.
Wavpack Wavpack 5.1.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 17.10
6.8
CVSSv2
CVE-2018-7254
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote malicious user to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.
Wavpack Wavpack 5.1.0
Debian Debian Linux 9.0
1 EDB exploit
6.8
CVSSv2
CVE-2018-6767
A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote malicious user to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file.
Wavpack Wavpack 5.1.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
4.3
CVSSv2
CVE-2016-10170
The WriteCaffHeader function in cli/caff.c in Wavpack prior to 5.1.0 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted WV file.
Wavpack Project Wavpack
4.3
CVSSv2
CVE-2016-10172
The read_new_config_info function in open_utils.c in Wavpack prior to 5.1.0 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted WV file.
Wavpack Project Wavpack
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »