Vulnerabilities > Libsndfile Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-27 CVE-2024-50613 Reachable Assertion vulnerability in Libsndfile Project Libsndfile
libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.
network
low complexity
libsndfile-project CWE-617
6.5
2019-03-21 CVE-2019-3832 Out-of-bounds Read vulnerability in multiple products
It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c.
5.5
2018-11-30 CVE-2018-19758 Out-of-bounds Read vulnerability in multiple products
There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.
4.3
2018-11-29 CVE-2018-19662 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in libsndfile 1.0.28.
5.8
2018-11-29 CVE-2018-19661 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in libsndfile 1.0.28.
4.3
2018-11-22 CVE-2018-19432 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in libsndfile 1.0.28.
4.3
2018-07-07 CVE-2018-13419 Missing Release of Resource after Effective Lifetime vulnerability in Libsndfile Project Libsndfile 1.0.28
An issue has been found in libsndfile 1.0.28.
network
low complexity
libsndfile-project CWE-772
6.5
2018-07-04 CVE-2018-13139 Out-of-bounds Write vulnerability in multiple products
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file.
6.8
2017-11-25 CVE-2017-16942 Divide By Zero vulnerability in Libsndfile Project Libsndfile 1.0.25
In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file.
4.3
2017-09-21 CVE-2017-14246 Out-of-bounds Read vulnerability in multiple products
An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
5.8