Skip to main content

Stb Vorbis

8 CVEs product

Monthly

CVE-2019-13223 MEDIUM PATCH This Month

A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Stb Vorbis Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
1.0%
CVE-2019-13222 HIGH PATCH This Week

An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Information Disclosure Stb Vorbis Debian Linux
NVD GitHub
CVSS 3.1
7.1
EPSS
1.0%
CVE-2019-13221 HIGH PATCH This Week

A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow RCE Memory Corruption Stb Vorbis +1
NVD GitHub
CVSS 3.1
7.8
EPSS
1.5%
CVE-2019-13220 HIGH PATCH This Week

Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Denial Of Service Stb Vorbis Debian Linux
NVD GitHub
CVSS 3.1
7.1
EPSS
1.0%
CVE-2019-13219 MEDIUM PATCH This Month

A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Stb Vorbis Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
1.0%
CVE-2019-13218 MEDIUM PATCH This Month

Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Stb Vorbis Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
1.0%
CVE-2019-13217 HIGH PATCH This Week

A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow RCE Memory Corruption Stb Vorbis +1
NVD GitHub
CVSS 3.1
7.8
EPSS
1.5%
CVE-2018-1000050 HIGH PATCH This Week

Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Stb Vorbis
NVD GitHub
CVSS 3.0
8.8
EPSS
1.9%
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Stb Vorbis Debian Linux
NVD GitHub
EPSS 1% CVSS 7.1
HIGH PATCH This Week

An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Information Disclosure +2
NVD GitHub
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow RCE +3
NVD GitHub
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Denial Of Service Stb Vorbis Debian Linux
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Stb Vorbis +1
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Stb Vorbis Debian Linux
NVD GitHub
EPSS 2% CVSS 7.8
HIGH PATCH This Week

A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow RCE +3
NVD GitHub
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Stb Vorbis
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy