Search CVE reports


Toggle filters

41 – 50 of 134 results


CVE-2018-13440

Low priority

Some fixes available 3 of 6

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.

1 affected package

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
audiofile Not affected Not affected Fixed
Show less packages

CVE-2018-13419

Negligible priority
Ignored

** DISPUTED ** An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue.

1 affected package

libsndfile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsndfile Ignored
Show less packages

CVE-2018-13139

Low priority

Some fixes available 4 of 5

A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The...

1 affected package

libsndfile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsndfile Not affected Fixed
Show less packages

CVE-2018-10360

Low priority
Fixed

The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.

1 affected package

file

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
file Fixed
Show less packages

CVE-2017-18188

Medium priority
Needs evaluation

OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which “chown -R” will be run.

1 affected package

opentmpfiles

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
opentmpfiles Not in release Not in release Needs evaluation Not in release
Show less packages

CVE-2017-16942

Negligible priority

Some fixes available 2 of 3

In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file.

1 affected package

libsndfile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsndfile Not affected Not affected
Show less packages

CVE-2017-13815

Medium priority
Ignored

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party “file” product. Versions before 5.31 allow remote attackers to cause a denial of service (application crash)...

1 affected package

file

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
file
Show less packages

CVE-2017-14634

Negligible priority

Some fixes available 4 of 6

In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.

1 affected package

libsndfile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsndfile Not affected Fixed
Show less packages

CVE-2017-14246

Low priority

Some fixes available 4 of 6

An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.

1 affected package

libsndfile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsndfile Not affected Fixed
Show less packages

CVE-2017-14245

Low priority

Some fixes available 4 of 6

An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.

1 affected package

libsndfile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsndfile Not affected Fixed
Show less packages