1493 matches found
CVE-2026-37555
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...
CVE-2026-37555
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...
UBUNTU-CVE-2026-37555
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...
CVE-2026-37555
The CVE-2026-37555 entry describes a vulnerability in libsndfile 1.2.2’s IMA ADPCM codec. The AIFF path was fixed via a (sf_count_t) cast, but the WAV and close paths remain vulnerable. When samplesperblock (int) * blocks (int) exceeds INT_MAX, a 32-bit multiplication overflows before assignment ...
CVE-2026-37555
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...
PT-2026-35949
Name of the Vulnerable Software and Affected Versions libsndfile version 1.2.2 Description An integer overflow exists in the IMA ADPCM codec within the WAV and close code paths. When the product of samplesperblock and blocks exceeds the maximum value of a 32-bit signed integer INT MAX, a...
EUVD-2026-26241
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...
CVE-2026-37555
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...
CVE-2026-37555
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...
CVE-2026-37555
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...
CVE-2026-37555
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path line 241 was fixed with sfcountt cast, but the WAV code path line 235 and close path line 167 were not. When samplesperblock int blocks int exceeds INTMAX, the 32-bit multiplication overflows before being assigned to...
SDLLMFuzz: Dynamic-Static LLM-Assisted Greybox Fuzzing for Structured Input Programs
Fuzzing has become a widely adopted technique for vulnerability discovery, yet it remains ineffective for structured-input programs due to strict syntactic constraints and limited semantic awareness. Traditional greybox fuzzers rely on mutation-based strategies and coarse-grained coverage feedbac...
CVE-2026-4732
A flaw was found in tildearrow furnace. This out-of-bounds read vulnerability, specifically within the extern/libsndfile-modified/src modules and associated with flac.C, could allow a local user to cause a denial of service, disclose sensitive information, or potentially execute arbitrary code...
EUVD-2026-14710
Out-of-bounds Read vulnerability in tildearrow furnace extern/libsndfile-modified/src modules. This vulnerability is associated with program files flac.C. This issue affects furnace: before 0.7...
CVE-2026-4732
CVE-2026-4732 is an out-of-bounds read in furnace (extern/libsndfile-modified/src modules) associated with the flac.C file, affecting furnace versions before 0.7. Red Hat notes a local-denial-of-service risk with potential information disclosure or arbitrary code execution. Circl and EUVD entries...
Advisory ROSA-SA-2026-3237
software: libsndfile 1.1.0 OS: ROSA-CHROME unaffected versions = libsndfile-1.1.0-6 affected versions libsndfile-1.1.0-6 CVE-ID: CVE-2025-56226 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Memory leak in Libsndfile =1.2.2 in the mpegl3encoderinit function file mpegl3encode.c. CVE-STATUS: The...
ROOT-OS-DEBIAN-12-CVE-2022-33064 CVE-2022-33064 in rootio-libsndfile - Patched by Root
Root has patched CVE-2022-33064 in the rootio-libsndfile package for Root:Debian:12. Multiple fixed versions available...
OESA-2026-1606 libsndfile security update
Libsndfile is a C library for reading and writing files containing sampled sound such as MS Windows WAV and the Apple/SGI AIFF format through one standard library interface. Security Fixes: Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the...
OESA-2026-1605 libsndfile security update
Libsndfile is a C library for reading and writing files containing sampled sound such as MS Windows WAV and the Apple/SGI AIFF format through one standard library interface. Security Fixes: Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the...
OESA-2026-1604 libsndfile security update
Libsndfile is a C library for reading and writing files containing sampled sound such as MS Windows WAV and the Apple/SGI AIFF format through one standard library interface. Security Fixes: Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the...