Vulnerabilities > Symonics
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-29 | CVE-2021-3756 | Out-of-bounds Write vulnerability in multiple products libmysofa is vulnerable to Heap-based Buffer Overflow | 9.8 |
| 2021-02-08 | CVE-2020-36152 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA. | 8.8 |
| 2021-02-08 | CVE-2020-36151 | Out-of-bounds Write vulnerability in multiple products Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block. | 6.5 |
| 2021-02-08 | CVE-2020-36150 | Out-of-bounds Read vulnerability in multiple products Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block. | 6.5 |
| 2021-02-08 | CVE-2020-36149 | NULL Pointer Dereference vulnerability in multiple products Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. | 6.5 |
| 2021-02-08 | CVE-2020-36148 | NULL Pointer Dereference vulnerability in multiple products Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. | 6.5 |
| 2020-01-13 | CVE-2020-6860 | Out-of-bounds Write vulnerability in multiple products libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute. | 8.8 |
| 2019-12-29 | CVE-2019-20063 | Improper Initialization vulnerability in Symonics Libmysofa hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json. | 8.8 |
| 2019-12-27 | CVE-2019-20016 | Out-of-bounds Write vulnerability in Symonics Libmysofa libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. | 6.5 |
| 2019-09-08 | CVE-2019-16095 | Out-of-bounds Read vulnerability in multiple products Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c. | 7.5 |