Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-18796 | 1 Un4seen | 1 Bass | 2024-11-21 | 7.1 HIGH | 6.5 MEDIUM |
The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Denial of Service vulnerability (infinite loop) via a crafted .mp3 file. This weakness could allow attackers to consume excessive CPU and the application becomes unresponsive. | |||||
CVE-2019-18795 | 1 Un4seen | 1 Bass | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile out of bounds read vulnerability via a crafted .wav file. An attacker can exploit this issues to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service. | |||||
CVE-2019-18794 | 1 Un4seen | 1 Bass | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Use after Free vulnerability via a crafted .ogg file. An attacker can exploit this to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service. |