Clementine
by Clementine
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-40827 | Hig | 0.51 | 7.8 | 0.01 | Dec 15, 2021 | Clementine Music Player through 1.3.1 (when a GLib 2.0.0 DLL is used) is vulnerable to a Read Access Violation on Block Data Move, affecting the MP3 file parsing functionality at memcpy+0x265. The vulnerability is triggered when the user opens a crafted MP3 file or loads a… | ||
| CVE-2021-40826 | Hig | 0.51 | 7.8 | 0.01 | Dec 15, 2021 | Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled… | ||
| CVE-2024-50986 | Hig | 0.48 | 7.3 | 0.01 | Nov 15, 2024 | An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file. | ||
| CVE-2018-14332 | Med | 0.36 | 5.5 | 0.01 | Jul 19, 2018 | An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is… |
- risk 0.51cvss 7.8epss 0.01
Clementine Music Player through 1.3.1 (when a GLib 2.0.0 DLL is used) is vulnerable to a Read Access Violation on Block Data Move, affecting the MP3 file parsing functionality at memcpy+0x265. The vulnerability is triggered when the user opens a crafted MP3 file or loads a…
- risk 0.51cvss 7.8epss 0.01
Clementine Music Player through 1.3.1 is vulnerable to a User Mode Write Access Violation, affecting the MP3 file parsing functionality at clementine+0x3aa207. The vulnerability is triggered when the user opens a crafted MP3 file or loads a remote stream URL that is mishandled…
- risk 0.48cvss 7.3epss 0.01
An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is…