CVE-2025-24230

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Playing a malicious audio file may lead to an unexpected...

CVE-2025-24230

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Playing a malicious audio file may lead to an unexpected...

PT-2025-13912 · Apple · Macos Sonoma +7

Name of the Vulnerable Software and Affected Versions: macOS Ventura versions prior to 13.7.5 tvOS versions prior to 18.4 iPadOS versions prior to 17.7.6 iOS versions prior to 18.4 iPadOS versions prior to 18.4 macOS Sequoia versions prior to 15.4 macOS Sonoma versions prior to 14.7.5 visionOS...

The vulnerability of the vorbis_analysis_wrote() function in the libsndfile library for reading and writing audio files allows a hacker to execute arbitrary code.

The vulnerability of the vorbisanalysiswrote function in the libsndfile library, a library for reading and writing audio files, is related to reading values outside of the allowed range. Exploiting this vulnerability could allow an attacker to execute arbitrary code on the target system...

CVE-2024-7771

A vulnerability in the Dockerized version of mintplex-labs/anything-llm latest, digest 1d9452da2b92 allows for a denial of service. Uploading an audio file with a very low sample rate causes the functionality responsible for transcribing it to crash the entire site instance. The issue arises from...

CVE-2024-7771

A vulnerability in the Dockerized version of mintplex-labs/anything-llm latest, digest 1d9452da2b92 allows for a denial of service. Uploading an audio file with a very low sample rate causes the functionality responsible for transcribing it to crash the entire site instance. The issue arises from...

CVE-2024-7771

A vulnerability in the Dockerized version of mintplex-labs/anything-llm latest, digest 1d9452da2b92 allows for a denial of service. Uploading an audio file with a very low sample rate causes the functionality responsible for transcribing it to crash the entire site instance. The issue arises from...

CVE-2024-7771 Denial of Service in mintplex-labs/anything-llm

A vulnerability in the Dockerized version of mintplex-labs/anything-llm latest, digest 1d9452da2b92 allows for a denial of service. Uploading an audio file with a very low sample rate causes the functionality responsible for transcribing it to crash the entire site instance. The issue arises from...

CVE-2024-7771 Denial of Service in mintplex-labs/anything-llm

A vulnerability in the Dockerized version of mintplex-labs/anything-llm latest, digest 1d9452da2b92 allows for a denial of service. Uploading an audio file with a very low sample rate causes the functionality responsible for transcribing it to crash the entire site instance. The issue arises from...

PT-2025-12191 · Mintplex · Anything-Llm

Name of the Vulnerable Software and Affected Versions: mintplex-labs/anything-llm version 1d9452da2b92 Description: A denial of service issue arises when uploading an audio file with a very low sample rate, causing the site instance to crash. This occurs due to the localWhisper implementation,...

libsndfile:1.0.31 security update

An update is available for libsndfile. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libsndfile is a C library for reading and writing files containing sampled...

Linux Distros Unpatched Vulnerability : CVE-2022-24599

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive...

Linux Distros Unpatched Vulnerability : CVE-2017-6836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4,...

Linux Distros Unpatched Vulnerability : CVE-2017-15371

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a reachable assertion abort in the function soxappendcomment in formats.c in Sound eXchange SoX 14.4.2. A Crafted input will lead to a denial of servic...

Linux Distros Unpatched Vulnerability : CVE-2017-6838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in sfcommands/sfconvert.c in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted...

Linux Distros Unpatched Vulnerability : CVE-2018-11439

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-re...

Linux Distros Unpatched Vulnerability : CVE-2017-6837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WAVE.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via vectors related to a large number of...

Linux Distros Unpatched Vulnerability : CVE-2017-6834

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the ulaw2linearbuf function in G711.cpp in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7...

Linux Distros Unpatched Vulnerability : CVE-2017-6829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The decodeSample function in IMA.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted file...

Linux Distros Unpatched Vulnerability : CVE-2018-19840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion caused by...