Aggregates CVE and security vulnerability intelligence across all aubio-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk buffer overflow and vendor risk memory corruption, with potential vendor impact memory corruption and vendor impact application crash across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-19802 | aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference. | [email protected] | 7.5 | 2.24% | 2019-06-07 | 2024-11-21 |
| CVE-2018-19801 | aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters. | [email protected] | 7.5 | 2.06% | 2019-06-07 | 2024-11-21 |
| CVE-2018-19800 | aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo. | [email protected] | 9.8 | 2.24% | 2019-06-07 | 2024-11-21 |
| CVE-2018-14523 | An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes. | [email protected] | 8.8 | 1.97% | 2018-07-23 | 2024-11-21 |
| CVE-2018-14522 | An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes. | [email protected] | 8.8 | 1.95% | 2018-07-23 | 2024-11-21 |
| CVE-2018-14521 | An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc. | [email protected] | 8.8 | 1.50% | 2018-07-23 | 2024-11-21 |
| CVE-2017-17555 | The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file. | [email protected] | 6.5 | 1.05% | 2017-12-12 | 2026-05-13 |
| CVE-2017-17554 | A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file. | [email protected] | 5.5 | 0.74% | 2017-12-12 | 2026-05-13 |
| CVE-2017-17054 | In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file. | [email protected] | 5.5 | 0.83% | 2017-11-29 | 2026-05-13 |