Lucene search
K

33 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in wavpack

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variables. The impact includes unexpected control flow, crashes, and segfaults. The affected component is: ParseWave64HeaderConfig wave64.c:211. The attack vector is a maliciously crafted .wav file. The fixed version is: Afte...

5.5CVSS6.6AI score0.01503EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/06/11 10:32 a.m.7 views

libsndfile: integer overflow in ima_reader_init()

A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...

7.5CVSS5.6AI score0.00504EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/06/11 6:43 a.m.8 views

libsndfile: integer overflow in ima_reader_init()

A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...

7.5CVSS5.6AI score0.00504EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/06/04 8:11 a.m.11 views

libsndfile: integer overflow in ima_reader_init()

A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...

7.5CVSS5.9AI score0.00504EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.16 views

Alibaba Cloud Linux 3 : 0136: libsndfile (ALINUX3-SA-2026:0136)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0136 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-37555: A flaw was found in the libsndfile...

8.2CVSS6AI score0.00504EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: audiofile (UTSA-2026-017498)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017498 advisory. Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile aka libaudiofile and Audio File Library 0.3.6 allows remote attackers to have...

7.8CVSS7.3AI score0.03241EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/07 5:22 p.m.11 views

CVE-2026-37555

A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...

8.2CVSS6AI score0.00504EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/26 1:24 p.m.10 views

CVE-2018-25212 Boxoft wav-wma Converter 1.0 Local Buffer Overflow SEH

Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH...

8.6CVSS6.8AI score0.00206EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/17 9:31 p.m.5 views

EUVD-2026-12633

miniaudio version 0.11.25 and earlier contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination handling in the coding history field to...

5.1CVSS5.8AI score0.00231EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/05 6:49 a.m.4 views

SUSE CVE-2026-29022

drlibs drwav.h version 0.14.4 and earlier fixed in commit 8a7258c contain a heap buffer overflow vulnerability in the drwavreadsmpltometadataobj function of drwav.h that allows memory corruption via crafted WAV files. Attackers can exploit a mismatch between sampleLoopCount validation in pass 1 a...

7.8CVSS6.1AI score0.00207EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/03/03 8:16 p.m.3 views

CVE-2026-29022

drlibs drwav.h version 0.14.4 and earlier fixed in commit 8a7258c contain a heap buffer overflow vulnerability in the drwavreadsmpltometadataobj function of drwav.h that allows memory corruption via crafted WAV files. Attackers can exploit a mismatch between sampleLoopCount validation in pass 1 a...

7.8CVSS6AI score0.00207EPSS
Exploits1References3
OSV
OSV
added 2026/03/03 7:49 p.m.4 views

CVE-2026-29022 mackron / dr_libs dr_wav.h Heap Buffer Overflow via WAV File

drlibs drwav.h version 0.14.4 and earlier fixed in commit 8a7258c contain a heap buffer overflow vulnerability in the drwavreadsmpltometadataobj function of drwav.h that allows memory corruption via crafted WAV files. Attackers can exploit a mismatch between sampleLoopCount validation in pass 1 a...

6.8CVSS6.2AI score0.00207EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/03/03 7:49 p.m.7 views

CVE-2026-29022

drlibs drwav.h version 0.14.4 and earlier fixed in commit 8a7258c contain a heap buffer overflow vulnerability in the drwavreadsmpltometadataobj function of drwav.h that allows memory corruption via crafted WAV files. Attackers can exploit a mismatch between sampleLoopCount validation in pass 1 a...

7.8CVSS6AI score0.00207EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.6 views

PT-2026-22810

Name of the Vulnerable Software and Affected Versions dr libs versions prior to the commit 8a7258c Description The software contains a heap buffer overflow in the drwav read smpl to metadata obj function within dr wav.h. This allows for memory corruption through specially crafted WAV files. A...

7.8CVSS6AI score0.00207EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2026/01/24 12:0 a.m.5 views

Debian dla-4450 : libtag1-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4450 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4450-1 [email protected] https://www.debian.org/lts/security/...

7.1CVSS5.6AI score0.00257EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/12/23 12:0 a.m.6 views

SUSE SLED15: libtag-devel / libtag-doc / libtag1 / libtag1-32bit / libtag_c0 / etc (SUSE-SU-2025:4501-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4501-1 advisory. - CVE-2023-47466: application crash when processing specially crafted WAV files during tag writing...

7.1CVSS5.8AI score0.00257EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-11099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead to a Segmentation Violation in the wavconvert2mono function in lib/wav.c. CVE-2017-11099 No...

8.8CVSS7.2AI score0.01421EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/05/22 12:0 a.m.7 views

CVE-2023-47466

TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk...

2.9CVSS3.9AI score0.00257EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/05/13 8:36 a.m.3 views

gstreamer1-plugins-good: OOB-read in gst_wavparse_smpl_chunk

A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...

9.1CVSS5.7AI score0.01161EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2017-11331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The wavopen function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service memory allocation error via a crafted...

5.5CVSS6.1AI score0.03793EPSS
Exploits3References4
Rows per page
Query Builder