CVE-2018-25212

Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH...

PT-2026-28249

Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH...

ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.114.0 <=0.120.0), ai.ancf.lmos:arc-runner (>=0.114.0 <=0.120.0) +1424 more potentially affected by CVE-2026-22737 via org.springframework:spring-webflux (>=6.2.0 <=6.2.16)

org.springframework:spring-webflux MAVEN version =6.2.0, =0.114.0, =0.114.0, =0.5.0, =0.8.0, =1.0.0, =1.0.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.6 - ai.telosforge:kimaira-util-webclient =1.2.6 and more Source cves: CVE-2026-22737 Source advisory:...

SUSE CVE-2026-32837

miniaudio version 0.11.25 and earlier fixed in commits 1df46ae and 1df46ae contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination...

CVE-2026-32837

miniaudio version 0.11.25 and earlier fixed in commits 1df46ae and 1df46ae contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination...

UBUNTU-CVE-2026-32837

miniaudio version 0.11.25 and earlier fixed in commits 1df46ae and 1df46ae contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination...

miniaudio 安全漏洞

Miniaudio is an audio playback and capture library developed by David Reid. Versions of Miniaudio prior to 0.11.25 contained security vulnerabilities. These vulnerabilities stemmed from a buffer overflow vulnerability in the WAV BEXT metadata parser, which could allow attackers to trigger memory...

[SECURITY] Fedora 43 Update: SDL3_sound-3.0.0~20260117gitb00e4a3-1.fc43

SDLsound is a library that handles the decoding of several popular sound file formats, such as .WAV and .OGG. It is meant to make the programmer's sound playback tasks simpler. The programmer gives SDLsound a filename, or feeds it data directly from one of many sources, and then reads the decoded...

[SECURITY] Fedora 44 Update: SDL3_sound-3.0.0~20260117gitb00e4a3-1.fc44

SDLsound is a library that handles the decoding of several popular sound file formats, such as .WAV and .OGG. It is meant to make the programmer's sound playback tasks simpler. The programmer gives SDLsound a filename, or feeds it data directly from one of many sources, and then reads the decoded...

EUVD-2026-9315

drlibs version 0.14.4 and earlier fixed in commit 8a7258c contain a heap buffer overflow vulnerability in the drwavreadsmpltometadataobj function of drwav.h that allows memory corruption via crafted WAV files. Attackers can exploit a mismatch between sampleLoopCount validation in pass 1 and...

DEBIAN-CVE-2026-20777

A heap-based buffer overflow vulnerability exists in the Nicolet WFT parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch db9a9a63. A specially crafted .wft file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2026-3393

A security vulnerability has been detected in jarikomppa soloud up to 20200207. The impacted element is the function SoLoud::Wav::loadflac of the file src/audiosource/wav/soloudwav.cpp of the component Audio File Handler. Such manipulation leads to heap-based buffer overflow. The attack must be...

PT-2026-22516

A vulnerability was detected in jarikomppa soloud up to 20200207. This affects the function SoLoud::Wav::loadwav of the file src/audiosource/wav/soloud wav.cpp of the component WAV File Parser. Performing a manipulation results in memory corruption. The attack must be initiated from a local...

WAVE

...

Wiz Named a Leader in The Forrester Wave™: Cloud Native Application Protection Solutions, Q1 2026

Forrester’s CNAPP evaluation rated Wiz with the highest Current Offering category score, which we believe reflects our commitment to protecting everything built and run in the cloud...

Qualys Recognized as a Leader in the 2026 Forrester Wave™ for CNAPP

Qualys’ Key Takeaways Qualys Named a Leader: Recognized as one of only three leaders in The Forrester Wave: Cloud-Native Application Protection Solutions CNAPP, Q1 2026. Unified Platform: “Qualys has been actively expanding its platform to cover CSPM, CIEM, and even SaaS security posture manageme...

CVE-2026-2258

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...

CVE-2026-2258

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...

CVE-2026-2258

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...

CVE-2026-2258 aardappel lobster wfc.h WaveFunctionCollapse memory corruption

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...