Lucene search
+L
SymonicsLibmysofa

15 matches found

CVE
CVE
added 2019/09/08 2:41 a.m.265 views

CVE-2019-16092

CVE-2019-16092 concerns a NULL pointer dereference in libmysofa’s hrtf/reader.c by function getHrtf, affecting the 0.7 release of Symonics libmysofa. The issue yields a high/severe impact profile with CVSS metrics indicating possible high impact on confidentiality, integrity, and availability (C:...

9.8CVSS9.2AI score0.0153EPSS
CVE
CVE
added 2019/09/08 2:40 a.m.264 views

CVE-2019-16094

Summary: CVE-2019-16094 affects libmysofa. The issue is an invalid read in readOHDRHeaderMessageDataLayout within hdf/dataobject.c. This vulnerability is referenced across multiple advisories (Ubuntu USN-4473-1, OpenSUSE SEC updates) and is associated with the 0.9.1 release that fixes a set of se...

7.5CVSS8.3AI score0.01347EPSS
CVE
CVE
added 2019/09/08 2:41 a.m.263 views

CVE-2019-16093

CVE-2019-16093 concerns the libmysofa library (Symonics) with an invalid write in readOHDRHeaderMessageDataLayout within hdf/dataobject.c. Connected OpenSUSE/OpenUSVE entries confirm the issue existed in libmysofa prior to version 0.9.1 and document a remediation: upgrade to version 0.9.1. The Ub...

9.8CVSS9.3AI score0.0153EPSS
CVE
CVE
added 2019/09/08 2:41 a.m.257 views

CVE-2019-16091

CVE-2019-16091 affects libmysofa 0.7 with an out-of-bounds read in directblockRead (hdf/fractalhead.c). This is fixed in libmysofa v0.9.1 (openSUSE security advisories OSV-2021:0444-1, SU-2021:0459-1) and included in Ubuntu USN-4473-1 as part of a batch of fixes for multiple CVEs. The CVSS vector...

7.5CVSS8.3AI score0.01347EPSS
CVE
CVE
added 2019/09/08 2:40 a.m.255 views

CVE-2019-16095

CVE-2019-16095 affects Symonics libmysofa 0.7, with an invalid read in getDimension (hrtf/reader.c). Documented impact per CVSS: base 7.5 (HIGH), network attack, no user interaction, and partial confidentiality impact. Connected advisories indicate fixes in libmysofa 0.9.1 (openSUSE/SUSE updates)...

7.5CVSS8.3AI score0.01347EPSS
CVE
CVE
added 2020/01/13 6:24 a.m.204 views

CVE-2020-6860

CVE-2020-6860 affects libmysofa 0.9.1 and involves a stack-based buffer overflow in readDataVar within hdf/dataobject.c while reading a header message attribute. Multiple security advisories (openSUSE, Fedora/EUVD/Nessus-like findings) corroborate the issue and route mitigation to updating to a f...

8.8CVSS9.3AI score0.01668EPSS
CVE
CVE
added 2019/12/27 1:12 a.m.202 views

CVE-2019-20016

CVE-2019-20016 affects libmysofa. Multiple connected sources confirm the issue arises from insufficient restriction of recursive function calls, demonstrated by stack consumption in readOHDRHeaderMessageDatatype (dataobject.c) and directblockRead (fractalhead.c). The vulnerability is addressed in...

6.5CVSS6.9AI score0.01691EPSS
CVE
CVE
added 2019/12/29 7:59 p.m.161 views

CVE-2019-20063

CVE-2019-20063 affects libmysofa prior to version 0.8, caused by an uninitialized use of memory in hdf/dataobject.c, demonstrated by mysofa2json. Several advisories confirm the issue and list it among CVEs fixed by updating to libmysofa 0.9.1 (openSUSE SU-2021-444/OSV entries; openSUSE backports)...

8.8CVSS8.9AI score0.01441EPSS
CVE
CVE
added 2021/02/08 8:13 p.m.157 views

CVE-2020-36151

CVE-2020-36151 affects libmysofa (versions 0.5–1.1). The root cause is incorrect handling of input data in mysofa_resampler_reset_mem, leading to a heap buffer overflow that can overwrite large blocks of memory. Connected advisories confirm fixes in libmysofa 0.9.1 via openSUSE/SUSE security upda...

6.5CVSS7.5AI score0.01223EPSS
CVE
CVE
added 2021/02/08 8:13 p.m.148 views

CVE-2020-36149

CVE-2020-36149 concerns libmysofa (versions 0.5–1.1) where incorrect handling of input data in changeAttribute can cause a NULL pointer dereference and segmentation fault, especially under memory-restricted or embedded environments. Connected advisories confirm the root cause in changeAttribute (...

6.5CVSS7.2AI score0.01154EPSS
CVE
CVE
added 2021/02/08 8:13 p.m.144 views

CVE-2020-36148

CVE-2020-36148 affects the libmysofa library (versions 0.5–1.1). The issue is an incorrect handling of input data in verifyAttribute, which can cause a NULL pointer dereference and segmentation fault under restricted memory protection, or a near-NULL overwrite when memory is unrestricted (e.g., e...

6.5CVSS7.2AI score0.01154EPSS
CVE
CVE
added 2021/02/08 8:13 p.m.143 views

CVE-2020-36150

CVE-2020-36150 affects libmysofa 0.5–1.1, caused by incorrect input handling in the loudness function, leading to a heap buffer overflow and access to unallocated memory. Connected advisories confirm this CVE alongside multiple related fixes; openSUSE/SUSE advisories update libmysofa to 0.9.1 to ...

6.5CVSS7.5AI score0.01223EPSS
CVE
CVE
added 2021/02/08 8:13 p.m.140 views

CVE-2020-36152

CVE-2020-36152 is a buffer overflow in readDataVar() of hdf/dataobject.c in Symonics libmysofa (versions 0.5–1.1). The vulnerability could allow arbitrary code execution when parsing a crafted SOFA file. Public docs identify this CVE across multiple distributions and advisories, with remediation ...

8.8CVSS8.8AI score0.02255EPSS
CVE
CVE
added 2021/10/29 3:55 p.m.102 views

CVE-2021-3756

CVE-2021-3756 affects the libmysofa library (as referenced across connected documents, including NVD and related advisories). The available details confirm a heap-based buffer overflow vulnerability in libmysofa. The connected sources do not specify affected versions, root cause specifics beyond ...

9.8CVSS7.7AI score0.01035EPSS
CVE
CVE
added 2019/03/31 4:48 p.m.74 views

CVE-2019-10672

CVE-2019-10672 affects libmysofa prior to 0.7, where the function treeRead in hdf/btree.c does not properly validate multiplications and additions. This can lead to instability/crashes when processing certain inputs, as noted by multiple sources (e.g., USN-4033-1 for Ubuntu 18.04, Debian/OSV entr...

9.8CVSS9.3AI score0.02368EPSS