Vulnerabilities (CVE)

Filtered by vendor Libmp3splt Project Subscribe
Filtered by product Libmp3splt
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-5665 1 Libmp3splt Project 1 Libmp3splt 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
CVE-2017-15185 1 Libmp3splt Project 1 Libmp3splt 2024-11-21 4.3 MEDIUM 5.0 MEDIUM
plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_clear function with uninitialized data upon detection of invalid input, which allows remote attackers to cause a denial of service (application crash) via a crafted file.