Vulnerabilities (CVE)

Filtered by vendor Stepmania Subscribe
Filtered by product Stepmania
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-25010 1 Stepmania 1 Stepmania 2024-02-28 6.4 MEDIUM 9.1 CRITICAL
The component /rootfs in RageFile of Stepmania v5.1b2 and below allows attackers access to the entire file system.
CVE-2020-20412 2 Stepmania, Xiph.org 2 Stepmania, Libvorbis 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146.