Vulnerabilities > Libsndfile Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-21 | CVE-2019-3832 | Out-Of-Bounds Read vulnerability in Libsndfile Project Libsndfile 1.0.28 It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. | 1.9 |
2018-11-30 | CVE-2018-19758 | Out-Of-Bounds Read vulnerability in multiple products There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. | 4.3 |
2018-11-29 | CVE-2018-19662 | Out-Of-Bounds Read vulnerability in multiple products An issue was discovered in libsndfile 1.0.28. | 5.8 |
2018-11-29 | CVE-2018-19661 | Out-Of-Bounds Read vulnerability in multiple products An issue was discovered in libsndfile 1.0.28. | 4.3 |
2018-11-22 | CVE-2018-19432 | Null Pointer Dereference vulnerability in multiple products An issue was discovered in libsndfile 1.0.28. | 4.3 |
2018-07-07 | CVE-2018-13419 | Missing Release of Resource After Effective Lifetime vulnerability in Libsndfile Project Libsndfile 1.0.28 ** DISPUTED ** An issue has been found in libsndfile 1.0.28. | 4.3 |
2018-07-04 | CVE-2018-13139 | Out-Of-Bounds Write vulnerability in multiple products A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. | 6.8 |
2017-11-25 | CVE-2017-16942 | Divide BY Zero vulnerability in Libsndfile Project Libsndfile 1.0.25 In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file. | 4.3 |
2017-09-21 | CVE-2017-14246 | Out-Of-Bounds Read vulnerability in multiple products An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | 5.8 |
2017-09-21 | CVE-2017-14245 | Out-Of-Bounds Read vulnerability in multiple products An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | 5.8 |