CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0CVE-2018-10537 – Slackware Security Advisory - wavpack Updates
https://notcve.org/view.php?id=CVE-2018-10537
29 Apr 2018 — An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks. Se ha descubierto un problema en WavPack 5.1.0 y anteriores. El componente de analizador W64 contiene una vulnerabilidad que permite la escritura en la memoria debido a que ParseWave64HeaderConfig en wave64.c no rechaza múltiples fragmentos de formato. Thuan Pham, Marcel Bohme, Andrew Santosa ... • http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-10538 – Slackware Security Advisory - wavpack Updates
https://notcve.org/view.php?id=CVE-2018-10538
29 Apr 2018 — An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. Se ha descubierto un problema en WavPack 5.1.0 y anteriores para las entradas WAV. Pueden ocurrir escrituras fuera de límites debido a ... • http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-10539 – Slackware Security Advisory - wavpack Updates
https://notcve.org/view.php?id=CVE-2018-10539
29 Apr 2018 — An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. Se ha descubierto un problema en WavPack 5.1.0 y anteriores para las entradas DSDiff. Pueden ocurrir escrituras fuera de límites... • http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-10540 – Slackware Security Advisory - wavpack Updates
https://notcve.org/view.php?id=CVE-2018-10540
29 Apr 2018 — An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. Se ha descubierto un problema en WavPack 5.1.0 y anteriores para las entradas W64. Pueden ocurrir escrituras fuera de límites debid... • http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2018-7253 – Slackware Security Advisory - wavpack Updates
https://notcve.org/view.php?id=CVE-2018-7253
19 Feb 2018 — The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file. La función ParseDsdiffHeaderConfig del archivo cli/dsdiff.c de WavPack 5.1.0 permite que un atacante remoto provoque una denegación de servicio (sobrelectura de búfer basada en memoria dinámica o heap) o sobrescriba el heap mediante un archivo DSDIFF maliciosamente manipulado. I... • http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 21%CPEs: 2EXPL: 2CVE-2018-7254 – Wavpack 5.1.0 - Denial of Service
https://notcve.org/view.php?id=CVE-2018-7254
19 Feb 2018 — The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file. La función ParseCaffHeaderConfig del archivo cli/caff.c de WavPack 5.1.0 permite que un atacante remoto provoque una denegación de servicio (sobrelectura de búfer global) o que desencadene un desbordamiento de búfer o la asignación incorrecta de memo... • https://packetstorm.news/files/id/146540 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2018-6767 – Slackware Security Advisory - wavpack Updates
https://notcve.org/view.php?id=CVE-2018-6767
06 Feb 2018 — A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file. Una sobrelectura de búfer basada en pila en la función ParseRiffHeaderConfig del archivo cli/riff.c de WavPack 5.1.0 permite que un atacante remoto provoque un ataque de denegación de servicio (DoS) o posiblemente otro impacto no especificado mediante un archivo RF64... • http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-10169 – Ubuntu Security Notice USN-3568-1
https://notcve.org/view.php?id=CVE-2016-10169
14 Mar 2017 — The read_code function in read_words.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. La función read_code en read_words.c en Wavpack en versiones anteriores a 5.1.0 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo WV manipulado. Hanno Böck discovered that WavPack incorrectly handled certain WV files. An attacker could possibly use this to cause a denial of service. This... • http://www.openwall.com/lists/oss-security/2017/01/28/9 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-10170
https://notcve.org/view.php?id=CVE-2016-10170
14 Mar 2017 — The WriteCaffHeader function in cli/caff.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. La función WriteCaffHeader en cli/caff.c en Wavpack en versiones anteriores a 5.1.0 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo WV manipulado. • http://www.openwall.com/lists/oss-security/2017/01/28/9 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-10171
https://notcve.org/view.php?id=CVE-2016-10171
14 Mar 2017 — The unreorder_channels function in cli/wvunpack.c in Wavpack before 5.1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WV file. La función unreorder_channels en cli/wvunpack.c en Wavpack en versiones anteriores a 5.1.0 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo WV manipulado. • http://www.openwall.com/lists/oss-security/2017/01/28/9 • CWE-125: Out-of-bounds Read •