Search CVE reports


Toggle filters

1 – 10 of 13 results


CVE-2019-19489

Medium priority
Needs evaluation

SMPlayer 19.5.0 has a buffer overflow via a long .m3u file.

1 affected package

smplayer

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
smplayer Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-12951

Medium priority
Ignored

An issue was discovered in Mongoose before 6.15. The parse_mqtt() function in mg_mqtt.c has a critical heap-based buffer overflow.

1 affected package

smplayer

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
smplayer Ignored Not affected
Show less packages

CVE-2018-18765

Medium priority
Not affected

An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in mg_mqtt_next_subscribe_topic. A specially crafted MQTT SUBSCRIBE...

1 affected package

smplayer

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
smplayer Not affected Not affected Not affected
Show less packages

CVE-2018-18764

Medium priority
Needs evaluation

An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in a parse_mqtt getu16 call. A specially crafted MQTT SUBSCRIBE...

1 affected package

smplayer

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
smplayer Not affected Not affected Not affected Needs evaluation Not affected
Show less packages

CVE-2018-10945

Medium priority
Not affected

The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the...

1 affected package

smplayer

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
smplayer Not affected Not affected Not affected
Show less packages

CVE-2017-2922

Medium priority
Not affected

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which...

1 affected package

smplayer

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
smplayer Not affected
Show less packages

CVE-2017-2921

Medium priority
Not affected

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and...

1 affected package

smplayer

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
smplayer Not affected
Show less packages

CVE-2017-2909

Low priority
Not affected

An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8 library. A specially crafted DNS request can cause an infinite loop resulting in high CPU usage and Denial Of Service. An attacker...

1 affected package

smplayer

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
smplayer Not affected
Show less packages

CVE-2017-2895

Low priority
Not affected

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially...

1 affected package

smplayer

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
smplayer Not affected
Show less packages

CVE-2017-2894

Medium priority
Not affected

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code...

1 affected package

smplayer

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
smplayer Not affected
Show less packages