|
198411
|
5.9 |
MEDIUM
Network
|
stashcat
|
heinekingmedia
|
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. For authentication, the user password is hashed directly with SH…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2017-11131
|
2024-11-21 12:07 |
2017-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198412
|
8.1 |
HIGH
Network
|
stashcat
|
heinekingmedia
|
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. The product's protocol only tries to ensure confidentiality. In …
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2017-11130
|
2024-11-21 12:07 |
2017-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198413
|
9.8 |
CRITICAL
Network
|
stashcat
|
heinekingmedia
|
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The keystore is locked with a hard-coded password. Therefore, everyone with access to the keystore can read the content o…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-11129
|
2024-11-21 12:07 |
2017-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198414
|
5.5 |
MEDIUM
Local
|
libid3tag_project
|
libid3tag
|
The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-11550
|
2024-11-21 12:07 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198415
|
5.5 |
MEDIUM
Local
|
timidity\+\+_project
|
timidity\+\+
|
The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mid file. NOTE: CPU consumption might be …
|
CWE-834
Excessive Iteration
|
CVE-2017-11549
|
2024-11-21 12:07 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198416
|
5.5 |
MEDIUM
Local
|
xiph
|
libao
|
The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service (memory corruption) via a crafted MP3 file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11548
|
2024-11-21 12:07 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198417
|
5.5 |
MEDIUM
Local
|
timidity\+\+_project
|
timidity\+\+
|
The resample_gauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted mid file. NOTE: a crash might be releva…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11547
|
2024-11-21 12:07 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198418
|
5.5 |
MEDIUM
Local
|
timidity\+\+_project
|
timidity\+\+
|
The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mid file. NOTE: a cra…
|
CWE-369
Divide By Zero
|
CVE-2017-11546
|
2024-11-21 12:07 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198419
|
5.5 |
MEDIUM
Local
|
sound_exchange_project
debian
|
sound_exchange
debian_linux
|
The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conve…
|
CWE-369
Divide By Zero
|
CVE-2017-11359
|
2024-11-21 12:07 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198420
|
5.5 |
MEDIUM
Local
|
sound_exchange_project
debian
|
sound_exchange
debian_linux
|
The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11358
|
2024-11-21 12:07 |
2017-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
