Lucene search
K
OpenmptLibopenmpt

11 matches found

CVE
CVE
added 2019/10/03 11:57 p.m.281 views

CVE-2019-17113

CVE-2019-17113 affects libopenmpt (libopenmpt_modplug.c) before 0.3.19 and 0.4.x before 0.4.9, where ModPlug_InstrumentName/ModPlug_SampleName do not enforce output-buffer string length limits in the C API, enabling a buffer overflow. The issue is fixed in 0.3.19 and 0.4.9 releases; upgrading to ...

9.8CVSS9.3AI score0.02701EPSS
CVE
CVE
added 2019/07/30 6:33 p.m.152 views

CVE-2019-14383

CVE-2019-14383 affects libopenmpt prior to 0.4.2, where J2B parsing can trigger an assertion failure when handling debug STLs. Multiple third‑party advisories (SUSE/openSUSE updates and related OSS/OSV listings) confirm this vulnerability and show a fix was released in libopenmpt 0.4.2 and newer....

6.5CVSS6.2AI score0.01338EPSS
CVE
CVE
added 2019/07/30 6:34 p.m.149 views

CVE-2019-14382

The CVE-2019-14382 issue affects libopenmpt, specifically DSM handling during parsing of debug STL files, caused by an assertion failure in the parser prior to version 0.4.2. Multiple connected sources (SUSE/OpenSUSE advisories and OSV entries) confirm the vulnerable component and list the same r...

6.5CVSS6.2AI score0.0122EPSS
CVE
CVE
added 2019/07/30 6:33 p.m.145 views

CVE-2018-20860

CVE-2018-20860 affects libopenmpt prior to 0.3.13, causing a crash when handling malformed MED files. The connected updates indicate a security fix in libopenmpt to address this crash (and related fixes for CVE-2018-20861, CVE-2019-14382, CVE-2019-14383) across openSUSE/SLE SUSE update advisories...

6.5CVSS6.2AI score0.01338EPSS
CVE
CVE
added 2019/07/30 6:32 p.m.144 views

CVE-2018-20861

CVE-2018-20861 affects libopenmpt prior to 0.3.11, causing a crash when parsing certain malformed MPTM tunings in MPTM files. Multiple openSUSE/SUSE advisories and OSV entries document the fix as part of libopenmpt updates (e.g., openSUSE-SU-2019:2212/2213) that address this vulnerability alongsi...

6.5CVSS6.2AI score0.01141EPSS
CVE
CVE
added 2019/07/30 6:35 p.m.71 views

CVE-2019-14380

CVE-2019-14380 affects libopenmpt up to 0.4.4 (pre-0.4.5); the issue is an out-of-bounds read in XM and MT2 playback that can crash the application. Debian/DSA notes a fix in libopenmpt with a security update (0.4.3-1+deb10u1); other references corroborate a vulnerability in the library before 0....

6.5CVSS6.4AI score0.00938EPSS
CVE
CVE
added 2018/04/11 5:0 a.m.66 views

CVE-2018-10017

CVE-2018-10017 affects OpenMPT up to 1.27.07.00 and libopenmpt up to 0.3.8, enabling a remote attacker to cause a denial of service via IT/MO3 files with many nested pattern loops (out-of-bounds read). Connected advisories confirm fixes in libopenmpt 0.3.9 and OpenMPT 1.27.07.00. Recommended reme...

6.5CVSS6.3AI score0.02155EPSS
CVE
CVE
added 2018/06/04 1:0 p.m.60 views

CVE-2018-11710

CVE-2018-11710 affects libopenmpt up to version 0.3.8, where AMS file handling could trigger an out-of-memory write near address 0, potentially causing a crash or unspecified impact. The issue is addressed by upgrading to libopenmpt 0.3.9, as documented in multiple advisories (e.g., SUSE/OpenSUSE...

8.8CVSS7AI score0.02067EPSS
CVE
CVE
added 2017/07/13 8:0 p.m.56 views

CVE-2017-11311

OpenMPT (through 1.26.12.00) and libopenmpt (before 0.2.8461-beta26) contain a heap buffer overflow in soundlib/Load_psm.cpp triggered by a crafted PSM file that reuses the same sample slot for two samples, potentially enabling arbitrary code execution. Affected components include OpenMPT and the...

7.8CVSS8AI score0.01679EPSS
CVE
CVE
added 2018/02/04 12:0 p.m.53 views

CVE-2018-6611

CVE-2018-6611 affects OpenMPT (soundlib/Load_stp.cpp) through 1.27.04.00 and libopenmpt before 0.3.6, with an out-of-bounds read triggered by a malformed STP file. Connected docs confirm the vulnerable components and versions, and indicate a fix in libopenmpt 0.3.6 (security update). Impact is a ...

8.8CVSS8.5AI score0.01337EPSS
CVE
CVE
added 2019/07/30 12:41 p.m.53 views

CVE-2019-14381

The CVE-2019-14381 affects libopenmpt up to version 0.4.2; the root cause is a NULL pointer dereference when performing a portamento from an OPL instrument to an empty instrument note map slot, causing a crash. Public references indicate a security update released with release 0.4.3 to address th...

7.5CVSS7.4AI score0.0141EPSS