Lucene search
K

67 matches found

RedhatCVE
RedhatCVE
added 2020/04/08 5:17 a.m.34 views

CVE-2019-11498

WavpackSetConfiguration64 in packutils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service application crash via a DFF file that lacks valid sample-rate data...

6.5CVSS4.8AI score0.03044EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2019/08/06 7:51 a.m.30 views

CVE-2019-1010317

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...

5.5CVSS4.1AI score0.01456EPSS
Exploits1References3
NVD
NVD
added 2019/07/11 8:15 p.m.27 views

CVE-2019-1010319

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig wave64.c:211. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...

5.5CVSS5.8AI score0.01503EPSS
Exploits1References8
NVD
NVD
added 2019/07/11 8:15 p.m.25 views

CVE-2019-1010317

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...

5.5CVSS5.8AI score0.01456EPSS
Exploits1References8
OSV
OSV
added 2019/07/11 8:15 p.m.30 views

CVE-2019-1010319

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig wave64.c:211. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...

5.5CVSS6.7AI score
Exploits0References8
Cvelist
Cvelist
added 2019/07/11 7:24 p.m.29 views

CVE-2019-1010317

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...

5.9AI score0.01456EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2019/07/11 7:24 p.m.26 views

CVE-2019-1010317

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...

5.5CVSS5.1AI score0.01456EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2019/07/11 7:23 p.m.48 views

CVE-2019-1010319

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig wave64.c:211. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...

5.5CVSS6.2AI score0.01503EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2019/07/11 12:0 a.m.27 views

CVE-2019-1010319

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig wave64.c:211. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...

5.5CVSS6.4AI score0.01503EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.30 views

Fedora 30 : wavpack (2019-1315f2dc3a)

Fix for CVE-2018-19840 CVE-2018-19841 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...

5.5CVSS5.8AI score0.02542EPSS
Exploits1References3
NVD
NVD
added 2019/04/24 5:29 a.m.20 views

CVE-2019-11498

WavpackSetConfiguration64 in packutils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service application crash via a DFF file that lacks valid sample-rate data...

6.5CVSS6.2AI score0.03044EPSS
Exploits1References9
Prion
Prion
added 2019/04/24 5:29 a.m.20 views

Design/Logic Flaw

WavpackSetConfiguration64 in packutils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service application crash via a DFF file that lacks valid sample-rate data...

4.3CVSS6.1AI score0.03044EPSS
Exploits1References9Affected Software4
OSV
OSV
added 2019/04/24 5:29 a.m.26 views

CVE-2019-11498

WavpackSetConfiguration64 in packutils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service application crash via a DFF file that lacks valid sample-rate data...

6.5CVSS4.8AI score
Exploits0References9
Cvelist
Cvelist
added 2019/04/24 4:3 a.m.16 views

CVE-2019-11498

WavpackSetConfiguration64 in packutils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service application crash via a DFF file that lacks valid sample-rate data...

6.3AI score0.03044EPSS
Exploits1References9
AlpineLinux
AlpineLinux
added 2019/04/24 4:3 a.m.31 views

CVE-2019-11498

WavpackSetConfiguration64 in packutils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service application crash via a DFF file that lacks valid sample-rate data...

6.5CVSS6.5AI score0.03044EPSS
Exploits1
NVD
NVD
added 2018/12/04 9:29 a.m.13 views

CVE-2018-19840

The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion caused by an infinite loop via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero...

5.5CVSS5.5AI score0.02304EPSS
Exploits0References13
Cvelist
Cvelist
added 2018/12/04 9:0 a.m.19 views

CVE-2018-19840

The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion caused by an infinite loop via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero...

5.4AI score0.02304EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2018/12/04 12:0 a.m.23 views

CVE-2018-19840

The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion caused by an infinite loop via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero...

5.5CVSS6.4AI score0.02304EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2018/12/04 12:0 a.m.24 views

CVE-2018-19841

The function WavpackVerifySingleBlock in openutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service out-of-bounds read and application crash via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack...

5.5CVSS6.4AI score0.02542EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2018/05/03 10:18 p.m.30 views

CVE-2018-10538

An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...

7.8CVSS5.1AI score0.01631EPSS
Exploits1References1
Rows per page
Query Builder