18 matches found
EUVD-2009-1253
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-40826
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207...
Cross-site Scripting in OctoPrint
Cross-site Scripting (XSS) - Generic in GitHub repository octoprint/octoprint prior to 1.8.0. The Stream URL of octoprint application allowing an XSS payload to execute...
GHSA-H8PC-J334-JJHM Cross-site Scripting in OctoPrint
Cross-site Scripting (XSS) - Generic in GitHub repository octoprint/octoprint prior to 1.8.0. The Stream URL of octoprint application allowing an XSS payload to execute...
CVE-2021-40826
Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled by Clementine...
CVE-2021-40826
Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled by Clementine...
CVE-2021-40827
Clementine Music Player through 1.3.1 when a GLib 2.0.0 DLL is used is vulnerable to a Read Access Violation on Block Data Move, affecting the MP3 file parsing functionality at memcpy+0x265. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is...
Code injection
Clementine Music Player through 1.3.1 when a GLib 2.0.0 DLL is used is vulnerable to a Read Access Violation on Block Data Move, affecting the MP3 file parsing functionality at memcpy+0x265. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is...
CVE-2021-40826
Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled by Clementine...
CVE-2021-40826
Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled by Clementine...
CVE-2018-20228
Subsonic V6.1.5 allows internetRadioSettings.view streamUrl CSRF, with resultant SSRF...
Foscam Opticam i5 Information Disclosure Vulnerability
Foscam Opticam i5 is an IP camera from FOSCAM. An information disclosure vulnerability exists in the Foscam Opticam i5 with system firmware 1.5.2.11 and application firmware 2.21.1.128. The vulnerability stems from a response to an ONVIF media GetStreamUri request containing an administrator...
CVE-2009-1254
James Stone Tunapie 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a stream URL...
CVE-2009-1254
James Stone Tunapie 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a stream URL...
Code injection
James Stone Tunapie 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a stream URL...
CVE-2009-1254
James Stone Tunapie 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a stream URL...
CVE-2009-1254
Removed by vendor...
CVE-2009-1254
Tunapie (GUI frontend for video/radio streams) is affected by CVE-2009-1254 due to insufficient escaping of stream URLs, enabling remote command execution via a crafted URL. The issue is part of a set also including CVE-2009-1253 (symlink-based local DoS); Debian DSAs document fixes. Remediation ...