Vulnerabilities (CVE)

Filtered by vendor Xiph Subscribe
Filtered by product Vorbis-tools
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-43361 1 Xiph 1 Vorbis-tools 2024-11-21 N/A 7.8 HIGH
Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.
CVE-2017-11331 1 Xiph 1 Vorbis-tools 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.
CVE-2015-6749 1 Xiph 1 Vorbis-tools 2024-11-21 4.3 MEDIUM N/A
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.
CVE-2014-9640 2 Opensuse, Xiph 2 Opensuse, Vorbis-tools 2024-11-21 5.0 MEDIUM N/A
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
CVE-2014-9639 3 Fedoraproject, Opensuse, Xiph 3 Fedora, Opensuse, Vorbis-tools 2024-11-21 5.0 MEDIUM N/A
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
CVE-2014-9638 3 Fedoraproject, Opensuse, Xiph 3 Fedora, Opensuse, Vorbis-tools 2024-11-21 5.0 MEDIUM N/A
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.