Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2018-14523

Published: 23/07/2018 Updated: 03/10/2019
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Aubio

Vulnerability Summary

An issue exists in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.

Vulnerable Product Search on Vulmon Subscribe to Product

aubio aubio 0.4.6

opensuse leap 15.0

suse linux enterprise 15.0

opensuse leap 42.3

Vendor Advisories

Debian CVElist Bug Report Logs: aubio: CVE-2018-14523: global-buffer-overflow
Debian Bug report logs - #904906 aubio: CVE-2018-14523: global-buffer-overflow Package: src:aubio; Maintainer for src:aubio is Paul Brossier <piem@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 29 Jul 2018 11:21:02 UTC Severity: important Tags: fixed-upstream, security, upstream Found ...
Debian CVElist Bug Report Logs: aubio: CVE-2017-17554
Debian Bug report logs - #884237 aubio: CVE-2017-17554 Package: src:aubio; Maintainer for src:aubio is Paul Brossier <piem@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 12 Dec 2017 20:33:05 UTC Severity: important Tags: security, upstream Found in version aubio/045-1 Fixed in versio ...
Debian CVElist Bug Report Logs: aubio: CVE-2017-17054: divide by zero in function new_aubio_source_wavread()
Debian Bug report logs - #883355 aubio: CVE-2017-17054: divide by zero in function new_aubio_source_wavread() Package: src:aubio; Maintainer for src:aubio is Paul Brossier <piem@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 2 Dec 2017 21:36:01 UTC Severity: important Tags: fixed-upstr ...
Debian CVElist Bug Report Logs: ffmpeg: CVE-2017-17555
Debian Bug report logs - #884232 ffmpeg: CVE-2017-17555 Package: src:aubio; Maintainer for src:aubio is Paul Brossier <piem@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 12 Dec 2017 20:18:04 UTC Severity: normal Tags: security, upstream Found in version aubio/045-1 Fixed in version ...
Debian CVElist Bug Report Logs: aubio: CVE-2018-14521: SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c
Debian Bug report logs - #904908 aubio: CVE-2018-14521: SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodecc Package: src:aubio; Maintainer for src:aubio is Paul Brossier <piem@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 29 Jul 2018 11:27:01 UTC Severity: im ...
Debian CVElist Bug Report Logs: aubio: CVE-2018-14522: SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c
Debian Bug report logs - #904907 aubio: CVE-2018-14522: SEGV signal can occur in aubio_pitch_set_unit in pitch/pitchc Package: src:aubio; Maintainer for src:aubio is Paul Brossier <piem@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 29 Jul 2018 11:24:01 UTC Severity: important Tags: fi ...

References

CWE-125https://github.com/aubio/aubio/issues/189http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00031.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-04/msg00071.htmlhttps://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904906
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook