SymonicsCVEs & Vulnerabilities

15 CVEs affecting Symonics products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

libmysofa 15
CVE-2021-3756CRITICAL

libmysofa is vulnerable to Heap-based Buffer Overflow

29 Oct 2021
9.8
CVSS
CVE-2020-36152HIGH

Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA.

9 Feb 2021
8.8
CVSS
CVE-2020-36151MEDIUM

Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.

9 Feb 2021
6.5
CVSS
CVE-2020-36150MEDIUM

Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.

9 Feb 2021
6.5
CVSS
CVE-2020-36149MEDIUM

Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).

9 Feb 2021
6.5
CVSS
CVE-2020-36148MEDIUM

Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).

9 Feb 2021
6.5
CVSS
CVE-2020-6860HIGH

libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute.

13 Jan 2020
8.8
CVSS
CVE-2019-20063HIGH

hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.

29 Dec 2019
8.8
CVSS
CVE-2019-20016MEDIUM

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue.

27 Dec 2019
6.5
CVSS
CVE-2019-16095HIGH

Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c.

8 Sep 2019
7.5
CVSS
CVE-2019-16094HIGH

Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.

8 Sep 2019
7.5
CVSS
CVE-2019-16093CRITICAL

Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.

8 Sep 2019
9.8
CVSS
CVE-2019-16092CRITICAL

Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.

8 Sep 2019
9.8
CVSS
CVE-2019-16091HIGH

Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.

8 Sep 2019
7.5
CVSS
CVE-2019-10672CRITICAL

treeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and additions.

31 Mar 2019
9.8
CVSS
← PrevPage 1 / 1Next →