Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xiph vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43361
Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local malicious user to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.
Xiph Vorbis-tools 1.4.2
NA
CVE-2022-47021
A null pointer dereference issue exists in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows malicious users to cause denial of service or other unspecified impacts.
Xiph Opusfile
Fedoraproject Fedora 36
Fedoraproject Fedora 37
383
VMScore
CVE-2020-23903
A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows malicious users to cause a denial of service (DoS) via a crafted WAV file.
Xiph Speex 1.2
Fedoraproject Fedora 34
Fedoraproject Fedora 35
383
VMScore
CVE-2020-23904
A stack buffer overflow in speexenc.c of Speex v1.2 allows malicious users to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program.
Xiph Speex 1.2
605
VMScore
CVE-2018-18820
A buffer overflow exists in the URL-authentication backend of the Icecast prior to 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code e...
Xiph Icecast
Debian Debian Linux 8.0
Debian Debian Linux 9.0
435
VMScore
CVE-2017-11331
The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote malicious users to cause a denial of service (memory allocation error) via a crafted wav file.
Xiph Vorbis-tools 1.4.0
1 EDB exploit
435
VMScore
CVE-2017-11548
The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote malicious users to cause a denial of service (memory corruption) via a crafted MP3 file.
Xiph Libao 1.2.0
1 EDB exploit
383
VMScore
CVE-2015-6749
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted AIFF file.
Xiph Vorbis-tools
445
VMScore
CVE-2015-3026
Icecast prior to 2.4.2, when a stream_auth handler is defined for URL authentication, allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a request without login credentials, as demonstrated by a request to "admin/killsource?mo...
Xiph Icecast
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
445
VMScore
CVE-2014-9638
oggenc in vorbis-tools 1.4.0 allows remote malicious users to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Xiph Vorbis-tools 1.4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »