EUVD-2022-53087

Malicious code in bioql PyPI...

OESA-2025-1020 sox security update

SoX is a cross-platform Windows, Linux, MacOS X, etc. command line utility that can convert various formats of computer audio files in to other formats. It can also apply various effects to these sound files, and, as an added bonus, SoX can play and record audio files on most platforms. Security...

AZL-44664 CVE-2021-33844 affecting package sox 14.4.2.0-34

A floating point exception divide-by-zero issue was discovered in SoX in functon startread of wav.c file. An attacker with a crafted wav file, could cause an application to crash...

CVE-2022-31651

In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...

AZL-45270 CVE-2022-31650 affecting package sox 14.4.2.0-34

In SoX 14.4.2, there is a floating-point exception in lsxaiffstartwrite in aiff.c in libsox.a...

UBUNTU-CVE-2022-31651

In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...

SoX 输入验证错误漏洞

SoX is a set of open source audio processing tools. The product supports playing, converting and recording audio in multiple formats. A security vulnerability exists in SoX version 14.4.2, which stems from a floating point exception in lsxaiffstartwrite in aiff.c in libsox.a. The vulnerability is...

PT-2022-6475 · Sox +4 · Sox +4

Name of the Vulnerable Software and Affected Versions: SoX versions 14.4.2 and earlier Description: The issue is related to a heap-based buffer overflow in the start read function of the Sound Exchange libsox. This can be triggered by a specially-crafted file, potentially allowing a remote attack...

AZL-45171 CVE-2019-1010004 affecting package sox 14.4.2.0-34

SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: readsamples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189...

UBUNTU-CVE-2019-13590

An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h startread function, there is an integer overflow on the result of integer addition wraparound to 0 fed into the lsxcalloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid...

CVE-2019-8354

An issue was discovered in SoX 14.4.2. lsxmakelpf in effectidsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow...

PT-2019-2906 · Sox +2 · Sox +2

Name of the Vulnerable Software and Affected Versions: SoX version 14.4.2 Description: A problem was discovered in the lsx make lpf function in effect i dsp.c, which allows a NULL pointer dereference. This issue can be exploited by a remote attacker to cause a denial of service. Recommendations:...

CVE-2004-0557

Multiple buffer overflows in the stwavstartread function in wav.c for Sound eXchange SoX 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields...