Skip to main content

Libmysofa

10 CVEs product

Monthly

CVE-2021-3756 CRITICAL POC PATCH Act Now

libmysofa is vulnerable to Heap-based Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Libmysofa Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2020-6860 HIGH POC This Week

libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Libmysofa Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
1.7%
CVE-2019-20063 HIGH POC This Week

hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libmysofa
NVD GitHub
CVSS 3.1
8.8
EPSS
1.4%
CVE-2019-20016 MEDIUM POC PATCH This Month

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Libmysofa
NVD GitHub
CVSS 3.1
6.5
EPSS
1.7%
CVE-2019-16095 HIGH PATCH This Week

Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Libmysofa Ubuntu Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2019-16094 HIGH PATCH This Week

Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Libmysofa Ubuntu Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2019-16093 CRITICAL PATCH Act Now

Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Libmysofa Ubuntu Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2019-16092 CRITICAL PATCH Act Now

Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Libmysofa Ubuntu Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2019-16091 HIGH PATCH This Week

Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Libmysofa Ubuntu Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2019-10672 CRITICAL PATCH Act Now

treeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and additions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Libmysofa
NVD GitHub
CVSS 3.0
9.8
EPSS
2.4%
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

libmysofa is vulnerable to Heap-based Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Libmysofa +1
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Libmysofa +1
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libmysofa
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC PATCH This Month

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Libmysofa
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Libmysofa +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Libmysofa +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Libmysofa +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Libmysofa +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Libmysofa +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

treeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and additions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Libmysofa
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy