Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-23904 | 1 Xiph | 1 Speex | 2022-04-18 | 4.3 MEDIUM | 5.5 MEDIUM |
| ** DISPUTED ** A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program." | |||||
| CVE-2020-23903 | 2 Fedoraproject, Xiph | 2 Fedora, Speex | 2022-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. | |||||
| CVE-2008-1686 | 2 Xine, Xiph | 3 Xine-lib, Libfishsound, Speex | 2018-10-11 | 9.3 HIGH | N/A |
| Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer. | |||||