Lucene search
K

186 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:5 a.m.5 views

SUSE CVE-2016-2540

Audacity before 2.1.2 allows remote attackers to cause a denial of service memory corruption and application crash via a crafted FORMATCHUNK structure...

5.5CVSS6.9AI score0.01922EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.7 views

SUSE CVE-2017-1000010

Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution...

7.8CVSS8AI score0.02136EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.5 views

SUSE CVE-2020-11867

Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there...

3.3CVSS4.3AI score0.00469EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2022/09/14 11:15 a.m.78 views

CVE-2022-40674

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...

8.1CVSS6.8AI score0.01659EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2022/02/18 5:15 a.m.80 views

CVE-2022-25314

In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...

7.5CVSS6.8AI score0.04654EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/02/18 5:15 a.m.62 views

CVE-2022-25315

In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames...

9.8CVSS6.9AI score0.04781EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2022/02/15 12:0 a.m.70 views

CVE-2022-25236

xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...

9.8CVSS6.8AI score0.34174EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2022/02/15 12:0 a.m.102 views

CVE-2022-25235

xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context...

9.8CVSS6.9AI score0.04955EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.12 views

Mageia: Security Advisory (MGASA-2021-0001)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS3.9AI score0.00469EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2022/01/26 7:15 p.m.75 views

CVE-2022-23990

Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function...

7.5CVSS6.9AI score0.03992EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/01/10 2:12 p.m.51 views

CVE-2022-22827

storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

8.8CVSS6.9AI score0.02778EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2022/01/10 2:12 p.m.52 views

CVE-2022-22826

nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

8.8CVSS7AI score0.02778EPSS
Exploits0References5
Huntr
Huntr
added 2021/08/13 3:19 p.m.11 views

Cross-site Scripting (XSS) - Stored in ampache/ampache

✍️ Description This is a stored XSS in the mp3 management library. 🕵️‍♂️ Proof of Concept 1. Edit meta data with Audacity: 2. Create a new playlist that contains this file. 3. Vote an album 1 and then open "Informations" - "Most rated" 2: 💥 Impact By uploading an mp3 with javascript code into meta...

1.5AI score
Exploits0
Huntr
Huntr
added 2021/08/13 3:8 p.m.9 views

Cross-site Scripting (XSS) - Stored in ampache/ampache

✍️ Description This is a stored XSS in the mp3 management library. 🕵️‍♂️ Proof of Concept 1. Edit meta data with Audacity: 2. Create a new playlist that contains this file. 3. Open "New" 1 under "Information" menu: 💥 Impact By uploading an mp3 with javascript code into meta tag could permit an...

1.2AI score
Exploits0
Huntr
Huntr
added 2021/08/13 2:39 p.m.10 views

Cross-site Scripting (XSS) - Stored in ampache/ampache

✍️ Description This is a stored XSS in the mp3 management library. 🕵️‍♂️ Proof of Concept 1. Edit meta data with Audacity: 2. Create a new playlist that contains this file. 3. Open "Album" menu: 💥 Impact By uploading an mp3 with javascript code into meta tag could permit an attacker to execute...

1.1AI score
Exploits0
OpenVAS
OpenVAS
added 2021/06/24 12:0 a.m.20 views

Fedora: Security Advisory for audacity (FEDORA-2021-1a043ee3d2)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

4AI score
Exploits0References2
Fedora
Fedora
added 2021/06/22 1:2 a.m.39 views

[SECURITY] Fedora 34 Update: audacity-3.0.2-3.fc34

Audacity is a cross-platform multitrack audio editor. It allows you to record sounds directly or to import files in various formats. It features a few simple effects, all of the editing features you should need, and unlimited undo. The GUI was built with wxWidgets and the audio I/O supports...

3.3CVSS2.3AI score0.00469EPSS
Exploits0
Veracode
Veracode
added 2021/03/02 11:10 a.m.18 views

Information Disclosure

audacity is vulnerable to information disclosure. The vulnerability exists as it saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files...

3.3CVSS0.9AI score0.00469EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/02/16 12:0 a.m.28 views

Fedora 33 : audacity (2021-8aaccdbb5f)

The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-8aaccdbb5f advisory. - Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions...

3.3CVSS4.9AI score0.00469EPSS
Exploits0References2
Fedora
Fedora
added 2021/02/15 1:32 a.m.88 views

[SECURITY] Fedora 33 Update: audacity-2.4.2-4.fc33

Audacity is a cross-platform multitrack audio editor. It allows you to record sounds directly or to import files in various formats. It features a few simple effects, all of the editing features you should need, and unlimited undo. The GUI was built with wxWidgets and the audio I/O supports...

3.3CVSS2.3AI score0.00469EPSS
Exploits0
Rows per page
Query Builder