Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-10538

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the...

5.5CVSS6.8AI score0.01631EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.20 views

RHEL 7 : wavpack (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wavpack: out of bounds write in ParseRiffHeaderConfig in riff.c CVE-2018-10536 - The readcode function in...

7.8CVSS7.7AI score0.02304EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.19 views

RHEL 7 : wavpack (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wavpack: out of bounds write in ParseRiffHeaderConfig in riff.c CVE-2018-10536 - The readcode function in...

7.2AI score0.02123EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2019-0045)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.8AI score0.09905EPSS
Exploits10References7
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2021:0186-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.8AI score0.09905EPSS
Exploits13References9
Tenable Nessus
Tenable Nessus
added 2020/01/15 12:0 a.m.28 views

Fedora 31 : mingw-wavpack (2020-e55567b6be)

Security fixes for: CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540 CVE-2018-19840 CVE-2018-19841 CVE-2019-11498 CVE-2019-1010315 CVE-2019-1010319 CVE-2019-1010317 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

7.8CVSS5.8AI score0.03044EPSS
Exploits8References12
Tenable Nessus
Tenable Nessus
added 2020/01/15 12:0 a.m.30 views

Fedora 30 : mingw-wavpack (2020-73274c9df4)

Security fixes for: CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540 CVE-2018-19840 CVE-2018-19841 CVE-2019-11498 CVE-2019-1010315 CVE-2019-1010319 CVE-2019-1010317 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

7.8CVSS5.8AI score0.03044EPSS
Exploits8References12
Tenable Nessus
Tenable Nessus
added 2019/12/20 12:0 a.m.36 views

Slackware 14.0 / 14.1 / 14.2 / current : wavpack (SSA:2019-353-01)

New wavpack packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2019-353-01. The text itself is copyright C Slackware...

7.8CVSS6.1AI score0.09905EPSS
Exploits10References11
Mageia
Mageia
added 2019/01/23 3:50 p.m.47 views

Updated wavpack packages fix security vulnerabilities

Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this to cause a denial of service CVE-2018-6767. It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cau...

7.8CVSS2.6AI score0.09905EPSS
Exploits10References5
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.21 views

Fedora 28 : wavpack (2018-17a97bb25b)

Security fix for CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possib...

7.8CVSS6.4AI score0.0209EPSS
Exploits3References6
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-3637-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.7AI score0.0209EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2018/05/29 12:0 a.m.35 views

Fedora 27 : wavpack (2018-d6002f761d)

Security fix for CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possib...

7.8CVSS6.4AI score0.0209EPSS
Exploits3References6
Debian
Debian
added 2018/05/09 6:24 p.m.21 views

[SECURITY] [DSA 4197-1] wavpack security updaze

------------------------------------------------------------------------- Debian Security Advisory DSA-4197-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 09, 2018 https://www.debian.org/security/faq -...

7.8CVSS7.9AI score0.0209EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2018/05/01 12:0 a.m.34 views

Ubuntu 18.04 LTS : WavPack vulnerabilities (USN-3637-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3637-1 advisory. Thuan Pham, Marcel Bhme, Andrew Santosa and Alexandru Razvan Caciulescu discovered that WavPack incorrectly handled certain .wav files. An attacker could...

7.8CVSS7.2AI score0.0209EPSS
Exploits3References6
Ubuntu
Ubuntu
added 2018/04/30 8:9 p.m.45 views

USN-3637-1: WavPack vulnerabilities

Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu discovered that WavPack incorrectly handled certain .wav files. An attacker could possibly use this to execute arbitrary code or cause a denial of service. CVE-2018-10536, CVE-2018-10537 Thuan Pham, Marcel Böhme, Andrew...

7.8CVSS7.1AI score0.0209EPSS
Exploits3
Debian CVE
Debian CVE
added 2018/04/29 3:0 p.m.25 views

CVE-2018-10538

An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...

5.5CVSS6.5AI score0.01631EPSS
Exploits1
CVE
CVE
added 2018/04/29 3:0 p.m.182 views

CVE-2018-10538

The CVE-2018-10538 issue affects WavPack up to version 5.1.0 for WAV input, where ParseRiffHeaderConfig in riff.c may allocate insufficient memory due to not validating unknown chunk sizes and a vulnerable bytes_to_copy/malloc path. This can cause out-of-bounds writes and memory allocation errors...

5.5CVSS5.7AI score0.01631EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder