Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libsndfile project libsndfile - vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-8363
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.
Libsndfile Project Libsndfile 1.0.28
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2017-7741
In libsndfile prior to 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Libsndfile Project Libsndfile
5.5
CVSSv3
CVE-2017-7742
In libsndfile prior to 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Libsndfile Project Libsndfile
5.5
CVSSv3
CVE-2017-7585
In libsndfile prior to 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Libsndfile Project Libsndfile
5.5
CVSSv3
CVE-2017-7586
In libsndfile prior to 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Libsndfile Project Libsndfile
NA
CVE-2014-9756
The psf_fwrite function in file_io.c in libsndfile allows malicious users to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.
Libsndfile Project Libsndfile
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2014-9496
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows malicious users to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
Libsndfile Project Libsndfile
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Debian Debian Linux 9.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Oracle Solaris 11.2
NA
CVE-2009-1791
Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 up to and including 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via an AIF...
Nullsoft Winamp 5.552
Mega-nerd Libsndfile 1.0.18
Mega-nerd Libsndfile 1.0.19
Mega-nerd Libsndfile 1.0.15
Nullsoft Winamp 5.54
Nullsoft Winamp 5.5
Mega-nerd Libsndfile 1.0.17
Nullsoft Winamp 5.55
Nullsoft Winamp 5.51
Nullsoft Winamp 5.541
Nullsoft Winamp 5.52
Mega-nerd Libsndfile 1.0.16
NA
CVE-2009-1788
Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 up to and including 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC f...
Nullsoft Winamp 5.552
Mega-nerd Libsndfile 1.0.18
Mega-nerd Libsndfile 1.0.19
Mega-nerd Libsndfile 1.0.15
Nullsoft Winamp 5.54
Nullsoft Winamp 5.5
Mega-nerd Libsndfile 1.0.17
Nullsoft Winamp 5.55
Nullsoft Winamp 5.51
Nullsoft Winamp 5.541
Nullsoft Winamp 5.52
Mega-nerd Libsndfile 1.0.16
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3