Known Vulnerabilities for products from Sound Exchange Project
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Sound Exchange Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-34432 json | A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw ca... | 7.8 - HIGH | 2023-07-10 | 2023-11-07 |
| CVE-2019-1010004 json | SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component i... | 5.5 - MEDIUM | 2019-07-15 | 2019-08-02 |
| CVE-2019-13590 json | An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (startread function), there is an integer overflow on the res... | 5.5 - MEDIUM | 2019-07-14 | 2023-02-10 |
| CVE-2019-8357 json | An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference. | 5.5 - MEDIUM | 2019-02-15 | 2019-05-28 |
| CVE-2019-8356 json | An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to wri... | 5.5 - MEDIUM | 2019-02-15 | 2020-08-24 |
| CVE-2019-8355 json | An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into th... | 5.5 - MEDIUM | 2019-02-15 | 2020-08-24 |
| CVE-2019-8354 json | An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication... | 5 - MEDIUM | 2019-02-15 | 2020-08-24 |
| CVE-2017-18189 json | In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers ... | 7.5 - HIGH | 2018-02-15 | 2023-11-07 |
| CVE-2017-15642 json | In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying... | 5.5 - MEDIUM | 2017-10-19 | 2021-06-24 |
| CVE-2017-15372 json | There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2.... | 5.5 - MEDIUM | 2017-10-16 | 2021-06-24 |
| CVE-2017-15371 json | There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Craf... | 5.5 - MEDIUM | 2017-10-16 | 2021-06-24 |
| CVE-2017-15370 json | There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input ... | 5.5 - MEDIUM | 2017-10-16 | 2021-06-24 |
| CVE-2017-11359 json | The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide... | 5.5 - MEDIUM | 2017-07-31 | 2019-03-08 |
| CVE-2017-11358 json | The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (inva... | 5.5 - MEDIUM | 2017-07-31 | 2023-02-07 |
| CVE-2017-11332 json | The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-b... | 5.5 - MEDIUM | 2017-07-31 | 2019-03-08 |
| CVE-2014-8145 json | Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified im... | 7.5 - HIGH | 2014-12-31 | 2019-03-01 |
Known software with vulnerabilities from Sound Exchange Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Sound Exchange Project | Sound Exchange | 12.16 |