Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Libsndfile Project Subscribe
Filtered by product Libsndfile
Total 25 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-8362 2 Debian, Libsndfile Project 2 Debian Linux, Libsndfile 2019-03-04 4.3 MEDIUM 6.5 MEDIUM
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file.
CVE-2017-7741 1 Libsndfile Project 1 Libsndfile 2017-07-10 4.3 MEDIUM 5.5 MEDIUM
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
CVE-2017-7742 1 Libsndfile Project 1 Libsndfile 2017-07-10 4.3 MEDIUM 5.5 MEDIUM
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
CVE-2017-7586 1 Libsndfile Project 1 Libsndfile 2017-07-10 4.3 MEDIUM 5.5 MEDIUM
In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
CVE-2017-7585 1 Libsndfile Project 1 Libsndfile 2017-07-10 4.3 MEDIUM 5.5 MEDIUM
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.