192 matches found
libsndfile: integer overflow in ima_reader_init()
A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the drwavreadsmpltometadataobj function. An attacker can cause memory corruption by supplying a specially crafted WAV file that exploits a mismatch between sample loop count validation and processing,...
CVE-2026-29022
CVE-2026-29022 affects dr_libs/dr_wav.h up to version 0.14.4. The vulnerability is a heap buffer overflow in the function drwav__read_smpl_to_metadata_obj() , caused by a mismatch between sampleLoopCount validation in pass 1 and unconditional processing in pass 2, allowing memory corruption via c...
CVE-2020-37000 Free MP3 CD Ripper 2.8 - Stack Buffer Overflow (SEH + Egghunter)
Free MP3 CD Ripper 2.8 contains a stack buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting a malicious WAV file with oversized payload. Attackers can leverage a specially crafted exploit file with shellcode, SEH bypass, and egghunter technique to...
CVE-2020-37000
CVE-2020-37000 affects Free MP3 CD Ripper 2.8. The vulnerability is a stack buffer overflow in the WAV file handling that enables remote code execution on vulnerable Windows systems. Attacks require crafting a malicious WAV payload and can leverage an exploit file with shellcode, SEH bypass, and ...
PT-2026-5276
Free MP3 CD Ripper 2.8 contains a stack buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting a malicious WAV file with oversized payload. Attackers can leverage a specially crafted exploit file with shellcode, SEH bypass, and egghunter technique to...
MiracleLinux 7 : libsndfile-1.0.25-12.el7.1 (AXSA:2021-2390:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2390:02 advisory. libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution CVE-2021-3246 CVEs: CVE-2021-3246 Tenable has extracted the preceding...
EUVD-2026-2739
A stack overflow in the pcmreframeflushpacket function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted WAV file...
CVE-2019-18795
The BASS Audio Library 2.4.14 under Windows is prone to a BASSStreamCreateFile out of bounds read vulnerability via a crafted .wav file. An attacker can exploit this issues to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of servic...
Linux Distros Unpatched Vulnerability : CVE-2022-50798
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SoX 14.4.2 contains a division by zero vulnerability when handling WAV files that can cause program crashes. Attackers can trigger a floating point exception by...
UBUNTU-CVE-2022-50798
SoX 14.4.2 contains a division by zero vulnerability when handling WAV files that can cause program crashes. Attackers can trigger a floating point exception by providing a specially crafted WAV file that causes arithmetic errors during sound file processing...
CVE-2022-50798
...
Low: sox
Issue Overview: A floating point exception divide-by-zero issue was discovered in SoX in functon startread of wav.c file. An attacker with a crafted wav file, could cause an application to crash. CVE-2021-33844 Affected Packages: sox Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
EUVD-2017-2967
Malware in sbrugna...
EUVD-2017-18347
Malware in sbrugna...
EUVD-2019-8500
Malware in sbrugna...
EUVD-2017-18068
Malware in sbrugna...
EUVD-2020-16640
Malware in sbrugna...
EUVD-2009-3410
Malware in sbrugna...
EUVD-2020-10695
Malware in sbrugna...