255 matches found
Ubuntu 18.04 LTS : libmysofa vulnerabilities (USN-4473-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4473-1 advisory. It was discovered that libmysofa incorrectly handled certain input files. An attacker could possibly use this issue to cause a denial of service or other...
Ubuntu 18.04 ESM / 20.04 ESM : libmysofa vulnerability (USN-5184-1)
The remote Ubuntu 18.04 ESM / 20.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5184-1 advisory. It was discovered that libmysofa mishandled certain input. An attacker could use this vulnerability to cause a denial of service crash. Tenable has...
SUSE CVE-2019-10672
treeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and additions...
SUSE CVE-2019-16093
Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c...
SUSE CVE-2019-16092
Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c...
SUSE CVE-2019-16091
Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c...
SUSE CVE-2019-16094
Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c...
SUSE CVE-2019-16095
Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c...
SUSE CVE-2019-20016
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...
SUSE CVE-2019-20063
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json...
SUSE CVE-2020-6860
libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute...
SUSE CVE-2020-36149
Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions e.g. in embedded environment...
SUSE CVE-2020-36150
Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block...
SUSE CVE-2020-36148
Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions e.g. in embedded environment...
SUSE CVE-2020-36152
Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA...
SUSE CVE-2021-3756
libmysofa is vulnerable to Heap-based Buffer Overflow...
Ubuntu: Security Advisory (USN-5184-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-6860
libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute...
CVE-2020-36149
Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions e.g. in embedded environment...
Fedora: Security Advisory for libmysofa (FEDORA-2021-28b495e9e0)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...