1.0.28

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-21	CVE-2019-3832	Out-of-bounds Read vulnerability in multiple products It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. local low complexity libsndfile-project debian canonical CWE-125	5.5
2018-11-30	CVE-2018-19758	Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. network libsndfile-project debian CWE-125	4.3
2018-11-29	CVE-2018-19662	Out-of-bounds Read vulnerability in multiple products An issue was discovered in libsndfile 1.0.28. network libsndfile-project debian CWE-125	5.8
2018-11-29	CVE-2018-19661	Out-of-bounds Read vulnerability in multiple products An issue was discovered in libsndfile 1.0.28. network libsndfile-project debian CWE-125	4.3
2018-11-22	CVE-2018-19432	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in libsndfile 1.0.28. network libsndfile-project debian CWE-476	4.3
2018-07-07	CVE-2018-13419	Missing Release of Resource after Effective Lifetime vulnerability in Libsndfile Project Libsndfile 1.0.28 An issue has been found in libsndfile 1.0.28. network low complexity libsndfile-project CWE-772	6.5
2018-07-04	CVE-2018-13139	Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. network libsndfile-project debian CWE-787	6.8
2017-09-21	CVE-2017-14246	Out-of-bounds Read vulnerability in multiple products An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. network libsndfile-project debian CWE-125	5.8
2017-09-21	CVE-2017-14245	Out-of-bounds Read vulnerability in multiple products An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. network libsndfile-project debian CWE-125	5.8
2017-09-21	CVE-2017-14634	Divide By Zero vulnerability in multiple products In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. network libsndfile-project debian CWE-369	4.3