Denial Of Service (DoS)

aubio is vulnerable to denial of service DoS attack. The attack exists when a malicious audio file is input to the tempo.c, causing an application crash...

EulerOS 2.0 SP5 : libsndfile (EulerOS-SA-2019-1030)

According to the version of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application cra...

EulerOS 2.0 SP3 : libsndfile (EulerOS-SA-2019-1029)

According to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application...

SDL (Simple DirectMedia Layer) Buffer Overflow Vulnerability (CNVD-2019-29169)

Simple DirectMedia Layer SDL is a multi-platform library for accessing low-level hardware and graphics and providing support for games, software and emulators. A heap-based buffer overflow vulnerability exists in the 'IMAADPCMdecode' function of the audio/SDLwave.c file in SDL versions prior to...

ALPINE-CVE-2019-7574

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDLwave.c...

CVE-2019-7577

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDLLoadWAVRW in audio/SDLwave.c...

Denial Of Service (DoS) Through Out-of-Bounds Write

libvorbis.so is vulnerable to out-of-bounds write. A malicious user can pass a audio file that when processed causes a out-of-bounds write that can lead to arbitrary code execution or to the application crashing...

Arbitrary Code Execution

flac is vulnerable to arbitrary code execution. A stack-based buffer overflow in streamdecoder.c allows an attacker to pass a malicious FLAC audio file to execute arbitrary code or crash the process when the file is read...

EulerOS 2.0 SP2 : libsndfile (EulerOS-SA-2018-1447)

According to the version of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application cra...

Debian DLA-1618-1 : libsndfile security update

Multiple vulnerabilities have been found in libsndfile, the library for reading and writing files containing sampled sound. CVE-2017-8361 The flacbuffercopy function flac.c is affected by a buffer overflow. This vulnerability might be leveraged by remote attackers to cause a denial of service, or...

Debian: Security Advisory (DLA-1618-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Code injection

The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion caused by an infinite loop via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero...

CVE-2018-19841

The function WavpackVerifySingleBlock in openutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service out-of-bounds read and application crash via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack...

CVE-2018-19840

The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion caused by an infinite loop via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero...

ALPINE-CVE-2018-19841

The function WavpackVerifySingleBlock in openutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service out-of-bounds read and application crash via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack...

CVE-2018-19840

The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion caused by an infinite loop via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero...

CVE-2018-19840

The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion caused by an infinite loop via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero...

CVE-2018-19841

The function WavpackVerifySingleBlock in openutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service out-of-bounds read and application crash via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack...

CVE-2018-19840

The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion caused by an infinite loop via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero...

WordPress 4.1.x < 4.1.16 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exists in the wpplaylistshortcode function within the /wp-includes/media.php script due to a failure to validate input passed via...