Vulnerabilities > Symonics > Libmysofa > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-02-08 CVE-2020-36151 Out-of-bounds Write vulnerability in multiple products
Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.
network
low complexity
symonics fedoraproject CWE-787
6.5
2021-02-08 CVE-2020-36150 Out-of-bounds Read vulnerability in multiple products
Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.
network
low complexity
symonics fedoraproject CWE-125
6.5
2021-02-08 CVE-2020-36149 NULL Pointer Dereference vulnerability in multiple products
Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g.
network
low complexity
symonics fedoraproject CWE-476
6.5
2021-02-08 CVE-2020-36148 NULL Pointer Dereference vulnerability in multiple products
Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g.
network
low complexity
symonics fedoraproject CWE-476
6.5
2019-12-29 CVE-2019-20063 Improper Initialization vulnerability in Symonics Libmysofa
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.
network
symonics CWE-665
6.8
2019-12-27 CVE-2019-20016 Out-of-bounds Write vulnerability in Symonics Libmysofa
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c.
network
symonics CWE-787
4.3