VYPR

Vorbis Tools

by Xiph.Org

Source repositories

CVEs (6)

  • CVE-2026-34253HigMay 15, 2026
    risk 0.53cvss 8.2epss 0.01

    A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow…

  • CVE-2017-11331MedJul 31, 2017
    risk 0.39cvss 5.5epss 0.04

    The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.

  • CVE-2015-6749Sep 21, 2015
    risk 0.00cvss epss 0.04

    Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.

  • CVE-2014-9640Jan 23, 2015
    risk 0.00cvss epss 0.03

    oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.

  • CVE-2014-9639Jan 23, 2015
    risk 0.00cvss epss 0.04

    Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.

  • CVE-2014-9638Jan 23, 2015
    risk 0.00cvss epss 0.04

    oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.