soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples.
7.8CVSS
8AI Score
0.003EPSS
soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops.
6.5CVSS
6.3AI Score
0.006EPSS
soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation.
8.8CVSS
7AI Score
0.004EPSS
6.5CVSS
6.2AI Score
0.002EPSS
libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files.
6.5CVSS
6.2AI Score
0.003EPSS
soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file.
8.8CVSS
8.5AI Score
0.003EPSS
libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files.
6.5CVSS
6.4AI Score
0.001EPSS
libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot.
7.5CVSS
7.4AI Score
0.001EPSS
DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
6.5CVSS
6.2AI Score
0.002EPSS
J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
6.5CVSS
6.2AI Score
0.004EPSS
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
9.8CVSS
9.3AI Score
0.017EPSS