Vulnerabilities > Wavpack > Wavpack > 4.41.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-11 | CVE-2019-1010319 | Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. | 5.5 |
2019-07-11 | CVE-2019-1010317 | Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. | 5.5 |
2019-07-11 | CVE-2019-1010315 | Divide By Zero vulnerability in multiple products WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. | 5.5 |
2019-04-24 | CVE-2019-11498 | Access of Uninitialized Pointer vulnerability in multiple products WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data. | 6.5 |
2018-12-04 | CVE-2018-19841 | Out-of-bounds Read vulnerability in multiple products The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack. | 5.5 |
2018-12-04 | CVE-2018-19840 | Infinite Loop vulnerability in multiple products The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero. | 5.5 |
2018-04-29 | CVE-2018-10540 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier for W64 input. | 5.5 |
2018-04-29 | CVE-2018-10539 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. | 5.5 |
2018-04-29 | CVE-2018-10538 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier for WAV input. | 5.5 |
2018-04-29 | CVE-2018-10537 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier. | 7.8 |