Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wavpack vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-10539
An issue exists in WavPack 5.1.0 and previous versions for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection ...
Wavpack Wavpack
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-10540
An issue exists in WavPack 5.1.0 and previous versions for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection wit...
Wavpack Wavpack
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2018-10536
An issue exists in WavPack 5.1.0 and previous versions. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks.
Wavpack Wavpack
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2018-10537
An issue exists in WavPack 5.1.0 and previous versions. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.
Wavpack Wavpack
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-10538
An issue exists in WavPack 5.1.0 and previous versions for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within ...
Wavpack Wavpack
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2018-7253
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote malicious user to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file.
Wavpack Wavpack 5.1.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 17.10
7.8
CVSSv3
CVE-2018-7254
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote malicious user to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.
Wavpack Wavpack 5.1.0
Debian Debian Linux 9.0
1 EDB exploit
7.8
CVSSv3
CVE-2018-6767
A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote malicious user to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file.
Wavpack Wavpack 5.1.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
5.5
CVSSv3
CVE-2016-10172
The read_new_config_info function in open_utils.c in Wavpack prior to 5.1.0 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted WV file.
Wavpack Project Wavpack
5.5
CVSSv3
CVE-2016-10169
The read_code function in read_words.c in Wavpack prior to 5.1.0 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted WV file.
Wavpack Project Wavpack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »