Vulnerabilities (CVE)

Filtered by vendor Libsndfile Project Subscribe
Total 29 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-16942 1 Libsndfile Project 1 Libsndfile 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file.
CVE-2017-14634 2 Debian, Libsndfile Project 2 Debian Linux, Libsndfile 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.
CVE-2017-14246 2 Debian, Libsndfile Project 2 Debian Linux, Libsndfile 2024-11-21 5.8 MEDIUM 8.1 HIGH
An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
CVE-2017-14245 2 Debian, Libsndfile Project 2 Debian Linux, Libsndfile 2024-11-21 5.8 MEDIUM 8.1 HIGH
An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
CVE-2017-12562 2 Debian, Libsndfile Project 2 Debian Linux, Libsndfile 2024-11-21 7.5 HIGH 9.8 CRITICAL
Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2014-9756 3 Canonical, Libsndfile Project, Opensuse 4 Ubuntu Linux, Libsndfile, Leap and 1 more 2024-11-21 5.0 MEDIUM N/A
The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.
CVE-2014-9496 5 Canonical, Debian, Libsndfile Project and 2 more 5 Ubuntu Linux, Debian Linux, Libsndfile and 2 more 2024-11-21 2.1 LOW N/A
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
CVE-2024-50612 1 Libsndfile Project 1 Libsndfile 2024-11-05 N/A 5.5 MEDIUM
libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.
CVE-2024-50613 1 Libsndfile Project 1 Libsndfile 2024-10-31 N/A 6.5 MEDIUM
libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.