CVE-2025-32946 PeerTube Arbitrary Playlist Creation via ActivityPub Protocol

This vulnerability allows any attacker to add playlists to a different user’s channel using the ActivityPub protocol. The vulnerable code sets the owner of the new playlist to be the user who performed the request, and then sets the associated channel to the channel ID supplied by the request,...

CVE-2025-32946 PeerTube Arbitrary Playlist Creation via ActivityPub Protocol

This vulnerability allows any attacker to add playlists to a different user’s channel using the ActivityPub protocol. The vulnerable code sets the owner of the new playlist to be the user who performed the request, and then sets the associated channel to the channel ID supplied by the request,...

CVE-2025-32945 PeerTube Arbitrary Playlist Creation via REST API

The vulnerability allows an existing user to add playlists to a different user’s channel using the PeerTube REST API. The vulnerable code sets the owner of the new playlist to be the user who performed the request, and then sets the associated channel to the channel ID supplied by the request,...

CVE-2025-32945 PeerTube Arbitrary Playlist Creation via REST API

The vulnerability allows an existing user to add playlists to a different user’s channel using the PeerTube REST API. The vulnerable code sets the owner of the new playlist to be the user who performed the request, and then sets the associated channel to the channel ID supplied by the request,...

ALPINE-CVE-2021-43301

Stack overflow in PJSUA API when calling pjsuaplaylistcreate. An attacker-controlled 'filenames' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...

PT-2022-1913

Name of the Vulnerable Software and Affected Versions PJSIP affected versions not specified Description The issue is related to a stack overflow in the PJSUA API when calling the pjsua playlist create function. An attacker-controlled file names argument may cause a buffer overflow since it is...

PYSEC-2017-100

Cross-site scripting XSS vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist...

PYSEC-2017-100

Cross-site scripting XSS vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist...

[SECURITY] Fedora 14 Update: banshee-1.8.0-10.fc14

Banshee allows you to import CDs, sync your music collection to an iPod, play music directly from an iPod, create playlists with songs from your library, and create audio and MP3 CDs from subsets of your library...