712 matches found
Rocky Linux 8 : wavpack (RLSA-2020:1581)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1581 advisory. - The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : WavPack vulnerabilities (USN-3839-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3839-1 advisory. It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial...
CVE-2022-2476 affecting package wavpack for versions less than 5.6.0-1
CVE-2022-2476 affecting package wavpack for versions less than 5.6.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-44269 affecting package wavpack for versions less than 5.6.0-1
CVE-2021-44269 affecting package wavpack for versions less than 5.6.0-1. An upgraded version of the package is available that resolves this issue...
SUSE-SU-2023:3688-1 Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: - CVE-2021-3497: Matroskademux: Fix extraction of multichannel WavPack bsc1184739. - CVE-2022-1920: Fixed integer overflow in WavPack header handling code bsc1201688. - CVE-2022-1921: Fixed integer overflow resulting in heap...
Oracle Linux 8 : wavpack (ELSA-2020-1581)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1581 advisory. - CVE-2018-19841 - CVE-2019-1010317 - CVE-2019-1010315 - CVE-2019-11498 - CVE-2018-19840 Tenable has extracted the preceding description block directly...
Amazon Linux 2 : wavpack (ALAS-2023-2213)
The version of wavpack installed on the remote host is prior to 4.60.1-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2213 advisory. A null pointer dereference bug was found in wavpack-5.4.0 The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL...
The vulnerability in the main() function of the cli/wvunpack.c component of the WavPack audio codec allows a hacker to cause a service failure.
The vulnerability of the main function in the cli/wvunpack.c component of the WavPack audio codec is related to pointer arithmetic errors. Exploiting this vulnerability allows an attacker to cause a service failure by using a specially created file...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in WavPack ( CVE-2021-44269)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in WavPack, caused by a heap out-of-bounds read flaw in WavpackPackSamples function in src/packutils.c CVE-2021-44269. WavPack is included as part of the runtimes in our service. This...
Fedora: Security Advisory for loudgain (FEDORA-2023-a5e10b188a)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE CVE-2016-10170
The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WV file...
SUSE CVE-2016-10169
The readcode function in readwords.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WV file...
SUSE CVE-2016-10171
The unreorderchannels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WV file...
SUSE CVE-2016-10172
The readnewconfiginfo function in openutils.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WV file...
SUSE CVE-2018-6767
A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file...
SUSE CVE-2018-7253
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service heap-based buffer over-read or possibly overwrite the heap via a maliciously crafted DSDIFF file...
SUSE CVE-2018-7254
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service global buffer over-read, or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file...
SUSE CVE-2018-10536
An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks...
SUSE CVE-2018-10537
An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks...
SUSE CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...