186 matches found
SUSE CVE-2016-2540
Audacity before 2.1.2 allows remote attackers to cause a denial of service memory corruption and application crash via a crafted FORMATCHUNK structure...
SUSE CVE-2017-1000010
Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution...
SUSE CVE-2020-11867
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there...
CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
CVE-2022-25314
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
CVE-2022-25315
In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
CVE-2022-25235
xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context...
Mageia: Security Advisory (MGASA-2021-0001)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-23990
Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function...
CVE-2022-22827
storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
CVE-2022-22826
nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
Cross-site Scripting (XSS) - Stored in ampache/ampache
✍️ Description This is a stored XSS in the mp3 management library. 🕵️♂️ Proof of Concept 1. Edit meta data with Audacity: 2. Create a new playlist that contains this file. 3. Vote an album 1 and then open "Informations" - "Most rated" 2: 💥 Impact By uploading an mp3 with javascript code into meta...
Cross-site Scripting (XSS) - Stored in ampache/ampache
✍️ Description This is a stored XSS in the mp3 management library. 🕵️♂️ Proof of Concept 1. Edit meta data with Audacity: 2. Create a new playlist that contains this file. 3. Open "New" 1 under "Information" menu: 💥 Impact By uploading an mp3 with javascript code into meta tag could permit an...
Cross-site Scripting (XSS) - Stored in ampache/ampache
✍️ Description This is a stored XSS in the mp3 management library. 🕵️♂️ Proof of Concept 1. Edit meta data with Audacity: 2. Create a new playlist that contains this file. 3. Open "Album" menu: 💥 Impact By uploading an mp3 with javascript code into meta tag could permit an attacker to execute...
Fedora: Security Advisory for audacity (FEDORA-2021-1a043ee3d2)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 34 Update: audacity-3.0.2-3.fc34
Audacity is a cross-platform multitrack audio editor. It allows you to record sounds directly or to import files in various formats. It features a few simple effects, all of the editing features you should need, and unlimited undo. The GUI was built with wxWidgets and the audio I/O supports...
Information Disclosure
audacity is vulnerable to information disclosure. The vulnerability exists as it saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files...
Fedora 33 : audacity (2021-8aaccdbb5f)
The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-8aaccdbb5f advisory. - Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions...
[SECURITY] Fedora 33 Update: audacity-2.4.2-4.fc33
Audacity is a cross-platform multitrack audio editor. It allows you to record sounds directly or to import files in various formats. It features a few simple effects, all of the editing features you should need, and unlimited undo. The GUI was built with wxWidgets and the audio I/O supports...