Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.

...

Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.

...

The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

...

Linux Distros Unpatched Vulnerability : CVE-2021-36977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - matio aka MAT File I/O Library 1.5.20 and 1.5.21 has a heap-based buffer overflow in H5MMmemcpy called from H5MMmalloc and H5Cloadentry, related to use of HDF5...

CVE-2025-52887

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be released when the connection is disconnected...

Vulnerability of the gsf_property_settings_collec function in the structured file library. The GNOME Project’s libgsf allows a hacker to execute arbitrary code.

Vulnerability of the gsfpropertysettingscollec function in the structured file library: The GNOME Project’s libgsf is vulnerable to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

RLSA-2024:11192 Moderate: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: Segmentation fault error in oggvorbis.c:417 vorbisanalysiswrote CVE-2024-50612 For more details about the security issues, including the impact, a CVSS score,...

An Improper Link Resolution Before File Access ("Link Following") and Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal"). This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intended extraction directory. The issue is associated with index.js in the tar-fs package. This issue affects tar-fs: from 0.0.0 before 1.16.4, from 2.0.0 before 2.1.2, from 3.0.0 before 3.0.8.

...

The vulnerability of the vorbis_analysis_wrote() function in the libsndfile library for reading and writing audio files allows a hacker to execute arbitrary code.

The vulnerability of the vorbisanalysiswrote function in the libsndfile library, a library for reading and writing audio files, is related to reading values outside of the allowed range. Exploiting this vulnerability could allow an attacker to execute arbitrary code on the target system...

libsndfile:1.0.31 security update

An update is available for libsndfile. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libsndfile is a C library for reading and writing files containing sampled...

Linux Distros Unpatched Vulnerability : CVE-2022-24599

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive...

Linux Distros Unpatched Vulnerability : CVE-2017-6829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The decodeSample function in IMA.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted file...

Linux Distros Unpatched Vulnerability : CVE-2017-6836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4,...

Linux Distros Unpatched Vulnerability : CVE-2017-6834

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the ulaw2linearbuf function in G711.cpp in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7...

Linux Distros Unpatched Vulnerability : CVE-2017-6837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WAVE.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via vectors related to a large number of...

Linux Distros Unpatched Vulnerability : CVE-2017-6838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in sfcommands/sfconvert.c in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted...

Linux Distros Unpatched Vulnerability : CVE-2017-6839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in modules/MSADPCM.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted file...

libgsf: Multiple Vulnerabilities

Background The GNOME Structured File Library is an I/O library that can read and write common file types and handle structured formats that provide file-system-in-a-file semantics. Description Multiple vulnerabilities have been discovered in libgsf. Please review the CVE identifiers referenced...

Moderate: Red Hat Security Advisory: libsndfile:1.0.31 security update

An update for the libsndfile:1.0.31 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2024:11237 Moderate: libsndfile:1.0.31 security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: Segmentation fault error in oggvorbis.c:417 vorbisanalysiswrote CVE-2024-50612 For more details about the security issues, including the impact, a CVSS score,...