Lucene search
+L

14 matches found

openvas
openvas
added 2024/03/04 12:0 a.m.34 views

openSUSE: Security Advisory for sox (openSUSE-SU-2023:0329-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.3AI score0.02211EPSS
Exploits7References2
openvas
openvas
added 2023/03/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2023-0059)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.7AI score0.02211EPSS
Exploits8References5
openvas
openvas
added 2023/03/03 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-5904-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6AI score0.02211EPSS
Exploits8References2
ubuntu
ubuntu
added 2023/03/02 11:42 a.m.83 views

USN-5904-1: SoX vulnerabilities

Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ES...

10CVSS7.1AI score0.02211EPSS
Exploits8
mageia
mageia
added 2023/02/27 8:27 p.m.116 views

Updated sox packages fix security vulnerability

CVE-2019-13590: sox-fmt validation CVE-2021-3643 and CVE-2021-23210: voc validation CVE-2021-23159 and CVE-2021-23172: hcom validation CVE-2021-33844: wav validation CVE-2021-40426: sphere validation CVE-2022-31650: aiff validation CVE-2022-31651: reject implausible rate...

10CVSS6.4AI score0.02211EPSS
Exploits8References3
osv
osv
added 2023/02/27 8:27 p.m.14 views

MGASA-2023-0059 Updated sox packages fix security vulnerability

CVE-2019-13590: sox-fmt validation CVE-2021-3643 and CVE-2021-23210: voc validation CVE-2021-23159 and CVE-2021-23172: hcom validation CVE-2021-33844: wav validation CVE-2021-40426: sphere validation CVE-2022-31650: aiff validation CVE-2022-31651: reject implausible rate...

10CVSS6.2AI score0.02211EPSS
Exploits8References4
debian
debian
added 2023/02/20 7:8 p.m.58 views

[SECURITY] [DSA 5356-1] sox security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5356-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 20, 2023 https://www.debian.org/security/faq -...

10CVSS7.2AI score0.02211EPSS
Exploits7
openvas
openvas
added 2023/02/11 12:0 a.m.19 views

Debian: Security Advisory (DLA-3315-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.8AI score0.02211EPSS
Exploits8References4
redhatcve
redhatcve
added 2022/05/31 5:52 a.m.26 views

CVE-2021-40426

A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of the Sound Exchange sox library. A specially-crafted file can lead to a heap buffer overflow. This flaw allows an attacker to provide a malicious file to trigger this vulnerability...

10CVSS2.8AI score0.02211EPSS
Exploits1References3
nvd
nvd
added 2022/04/14 8:15 p.m.17 views

CVE-2021-40426

A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

10CVSS0.02211EPSS
Exploits1References4
cve
cve
added 2022/04/14 7:56 p.m.111 views

CVE-2021-40426

CVE-2021-40426 is a heap-buffer-overflow in the sphere.c start_read() path of Sound Exchange SoX (libsox) 14.4.2 and the master commit 42b3557e. A specially crafted input file can trigger the overflow, with potential outcomes including crash or more severe impact as described in related advisorie...

10CVSS8.9AI score0.02211EPSS
Exploits1References4Affected Software1
vulnrichment
vulnrichment
added 2022/04/14 7:56 p.m.7 views

CVE-2021-40426

A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

10CVSS8.8AI score0.02211EPSS
Exploits1References4
alpinelinux
alpinelinux
added 2022/04/14 7:56 p.m.36 views

CVE-2021-40426

A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

10CVSS9.2AI score0.02211EPSS
Exploits1
talos
talos
added 2022/03/23 12:0 a.m.50 views

Sound Exchange libsox sphere.c start_read() heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2021-1434 Sound Exchange libsox sphere.c startread heap-based buffer overflow vulnerability March 23, 2022 CVE Number CVE-2021-40426 SUMMARY A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 a...

10CVSS8.9AI score0.02211EPSS
Exploits1
Rows per page
Query Builder