Vulnerabilities > Libsndfile Project > Libsndfile > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-27 | CVE-2024-50612 | Out-of-bounds Read vulnerability in Libsndfile Project Libsndfile libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read. | 5.5 |
| 2024-10-27 | CVE-2024-50613 | Reachable Assertion vulnerability in Libsndfile Project Libsndfile libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close. | 6.5 |
| 2019-03-21 | CVE-2019-3832 | Out-of-bounds Read vulnerability in multiple products It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. | 5.5 |
| 2018-11-30 | CVE-2018-19758 | Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. | 6.5 |
| 2018-11-29 | CVE-2018-19661 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in libsndfile 1.0.28. | 6.5 |
| 2018-11-22 | CVE-2018-19432 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in libsndfile 1.0.28. | 6.5 |
| 2018-07-07 | CVE-2018-13419 | Missing Release of Resource after Effective Lifetime vulnerability in Libsndfile Project Libsndfile 1.0.28 An issue has been found in libsndfile 1.0.28. | 6.5 |
| 2017-11-25 | CVE-2017-16942 | Divide By Zero vulnerability in Libsndfile Project Libsndfile 1.0.25 In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file. | 6.5 |
| 2017-09-21 | CVE-2017-14634 | Divide By Zero vulnerability in multiple products In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. | 6.5 |
| 2017-04-30 | CVE-2017-8365 | Out-of-bounds Read vulnerability in multiple products The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file. | 6.5 |