Incorrect Access Control vulnerability in Hashtopussy 0.4.0 allows remote authenticated users to execute actions that should only be available for administrative roles, as demonstrated by an action=createVoucher request to...
Read MoreThe TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted wav...
Read MoreCross-Site Request Forgery (CSRF) exists in Hashtopussy 0.4.0, allowing an admin password change via users.php.
Read MoreThe fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted wav file.
Read MoreThe fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted jpg...
Read More