Gracenote
Products
3- 2 CVEs
- 2 CVEs
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-2004 | Cri | 0.64 | 9.8 | 0.02 | Mar 29, 2018 | The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | ||
| CVE-2007-0443 | 0.01 | — | 0.07 | Apr 24, 2007 | Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters. | |||
| CVE-2006-3134 | 0.01 | — | 0.11 | Jun 27, 2006 | Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Gracenote CDDB, allows remote attackers to execute arbitrary code via a long option string. | |||
| CVE-1999-1240 | 0.00 | — | 0.02 | Nov 26, 1996 | Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message. |
- risk 0.64cvss 9.8epss 0.02
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.
- CVE-2007-0443Apr 24, 2007risk 0.01cvss —epss 0.07
Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters.
- CVE-2006-3134Jun 27, 2006risk 0.01cvss —epss 0.11
Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Gracenote CDDB, allows remote attackers to execute arbitrary code via a long option string.
- CVE-1999-1240Nov 26, 1996risk 0.00cvss —epss 0.02
Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message.