| CVE-2021-4156 |
AVG-2705 |
High |
Unknown |
Unknown |
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a... |
| CVE-2019-3832 |
AVG-1550 |
Medium |
No |
Information disclosure |
It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header()... |
| CVE-2018-19758 |
AVG-1550 |
Medium |
No |
Information disclosure |
There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. |
| CVE-2018-19662 |
AVG-1550 |
Medium |
No |
Information disclosure |
An issue was discovered in libsndfile 1.0.28. There is a buffer over- read in the function i2alaw_array in alaw.c that will lead to a denial of service. |
| CVE-2018-19661 |
AVG-1550 |
Medium |
No |
Information disclosure |
An issue was discovered in libsndfile 1.0.28. There is a buffer over- read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. |
| CVE-2018-19432 |
AVG-1550 |
Low |
No |
Denial of service |
An issue was discovered in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. |
| CVE-2018-13139 |
AVG-1550 |
Medium |
No |
Arbitrary code execution |
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or... |
| CVE-2017-14634 |
AVG-1550 |
Low |
No |
Denial of service |
In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. |
| CVE-2017-14246 |
AVG-1550 |
Medium |
No |
Information disclosure |
An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to... |
| CVE-2017-14245 |
AVG-1550 |
Medium |
No |
Information disclosure |
An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to... |
| CVE-2017-12562 |
AVG-1550 |
Medium |
No |
Information disclosure |
A heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of... |
| CVE-2017-8365 |
AVG-1550 |
Low |
No |
Denial of service |
The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a... |
| CVE-2017-8363 |
AVG-1550 |
Low |
No |
Denial of service |
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over- read and... |
| CVE-2017-8362 |
AVG-1550 |
Low |
No |
Denial of service |
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a... |
| CVE-2017-8361 |
AVG-1550 |
Medium |
No |
Information disclosure |
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or... |
| CVE-2017-6892 |
AVG-1550 |
Medium |
No |
Information disclosure |
In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a... |