VYPR
Vendor

Openmpt

Products
2
CVEs
12
Across products
15
Status
Private

Products

2

Recent CVEs

12
  • CVE-2018-11710HigJun 4, 2018
    risk 0.57cvss 8.8epss 0.02

    soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation.

  • CVE-2017-11311HigJul 17, 2017
    risk 0.51cvss 7.8epss 0.02

    soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples.

  • CVE-2019-14381HigJul 30, 2019
    risk 0.49cvss 7.5epss 0.01

    libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot.

  • CVE-2019-14383MedJul 30, 2019
    risk 0.42cvss 6.5epss 0.01

    J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.

  • CVE-2019-14382MedJul 30, 2019
    risk 0.42cvss 6.5epss 0.01

    DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.

  • CVE-2019-14380MedJul 30, 2019
    risk 0.42cvss 6.5epss 0.01

    libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files.

  • CVE-2018-20861MedJul 30, 2019
    risk 0.42cvss 6.5epss 0.01

    libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files.

  • CVE-2018-20860MedJul 30, 2019
    risk 0.42cvss 6.5epss 0.01

    libopenmpt before 0.3.13 allows a crash with malformed MED files.

  • CVE-2006-4192Aug 17, 2006
    risk 0.04cvss epss 0.08

    Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier, as used in GStreamer and possibly other products, allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the…

  • CVE-2019-17113CriOct 4, 2019
    risk 0.00cvss 9.8epss 0.03

    In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.

  • CVE-2018-10017MedApr 11, 2018
    risk 0.00cvss 6.5epss 0.02

    soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops.

  • CVE-2018-6611HigFeb 4, 2018
    risk 0.00cvss 8.8epss 0.01

    soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file.