Vulnerabilities > Libsndfile Project > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-18 | CVE-2022-33064 | Off-by-one Error vulnerability in Libsndfile Project Libsndfile 1.1.0 An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspecified impacts. | 7.8 |
| 2023-07-18 | CVE-2022-33065 | Integer Overflow or Wraparound vulnerability in Libsndfile Project Libsndfile Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts. | 7.8 |
| 2022-03-23 | CVE-2021-4156 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. | 7.1 |
| 2021-07-20 | CVE-2021-3246 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file. | 8.8 |
| 2018-11-29 | CVE-2018-19662 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in libsndfile 1.0.28. | 8.1 |
| 2018-07-04 | CVE-2018-13139 | Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. | 8.8 |
| 2017-09-21 | CVE-2017-14246 | Out-of-bounds Read vulnerability in multiple products An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | 8.1 |
| 2017-09-21 | CVE-2017-14245 | Out-of-bounds Read vulnerability in multiple products An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | 8.1 |
| 2017-06-12 | CVE-2017-6892 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libsndfile Project Libsndfile 1.0.28 In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file. | 8.8 |
| 2017-04-30 | CVE-2017-8361 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file. | 8.8 |