Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Audio File Library Project Subscribe
Filtered by product Audio File Library
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-24599 1 Audio File Library Project 1 Audio File Library 2022-03-03 4.3 MEDIUM 6.5 MEDIUM
In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero bytes to truncate the data.
CVE-2018-17095 2 Audio File Library Project, Canonical 2 Audio File Library, Ubuntu Linux 2021-02-09 6.8 MEDIUM 8.8 HIGH
An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.
CVE-2015-7747 3 Audio File Library Project, Canonical, Fedoraproject 3 Audio File Library, Ubuntu Linux, Fedora 2020-04-13 6.8 MEDIUM 8.8 HIGH
Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c.
CVE-2018-13440 2 Audio File Library Project, Canonical 2 Audio File Library, Ubuntu Linux 2020-04-13 4.3 MEDIUM 6.5 MEDIUM
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.
CVE-2019-13147 1 Audio File Library Project 1 Audio File Library 2019-07-03 4.3 MEDIUM 6.5 MEDIUM
In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.