Every CVE whose affected-product data names Xiph Speex, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2008-1686 — CVSS 9.3 (critical): Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters…
CVE-2020-23903 — CVSS 5.5 (medium): A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS)…
CVE-2020-23904 — CVSS 5.5 (medium): A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the…