CVE-2019-20063 — CVSS 8.8 (high): hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.
CVE-2020-36152 — CVSS 8.8 (high): Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted…
CVE-2020-6860 — CVSS 8.8 (high): libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute.
CVE-2019-16094 — CVSS 7.5 (high): Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
CVE-2020-36150 — CVSS 6.5 (medium): Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to…
CVE-2020-36151 — CVSS 6.5 (medium): Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer…
CVE-2019-20016 — CVSS 6.5 (medium): libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in…
CVE-2020-36148 — CVSS 6.5 (medium): Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and…
CVE-2020-36149 — CVSS 6.5 (medium): Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and…