CVE-2025-63648

A NULL pointer dereference in the dacpreplyplayqueueeditmove function src/httpddacp.c of owntone-server commit b7e385f allows attackers to cause a Denial of Service DoS via sending a crafted DACP request to the server...

CVE-2025-57156

NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...

EUVD-2013-7078

Malware in sbrugna...

CVE-2013-7301

Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue...

Information disclosure

Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue...

CVE-2013-7301

Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue...

UBUNTU-CVE-2013-7301

Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue...