Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
text-to-speech vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-16253
The Text-to-speech Engine (aka SamsungTTS) application prior to 3.0.02.7 and 3.0.00.101 for Android allows a local malicious user to escalate privileges, e.g., to system privileges. The Samsung case ID is 101755.
Samsung Text-to-speech
8 Github repositories
5.4
CVSSv3
CVE-2023-0070
The ResponsiveVoice Text To Speech WordPress plugin prior to 1.7.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored ...
Responsivevoice Responsivevoice Text To Speech
8.8
CVSSv3
CVE-2018-8634
A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory, aka "Microsoft Text-To-Speech Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, ...
Microsoft Windows 10 1607
Microsoft Windows Server 2016 -
Microsoft Windows 10 1703
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows Server 2016 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
7.8
CVSSv3
CVE-2019-0985
A remote code execution vulnerability exists when the Microsoft Speech API (SAPI) improperly handles text-to-speech (TTS) input, aka 'Microsoft Speech API Remote Code Execution Vulnerability'.
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
1 Article
NA
CVE-2002-1006
Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and previous versions allows remote malicious users to execute arbitrary web script via parserl.pl.
Bbc Education Betsie 1.5.2
Bbc Education Betsie 1.5.6
Bbc Education Betsie 1.5.7
Bbc Education Betsie 1.5
Bbc Education Betsie 1.5.3
Bbc Education Betsie 1.5.9
Bbc Education Betsie 1.5.8
Bbc Education Betsie 1.5.1
Bbc Education Betsie 1.5.10
Bbc Education Betsie 1.5.11
Bbc Education Betsie 1.5.4
Bbc Education Betsie 1.5.5
1 EDB exploit
NA
CVE-2014-1724
Use-after-free vulnerability in Free(b)soft Laboratory Speech Dispatcher 0.7.1, as used in Google Chrome prior to 34.0.1847.116, allows remote malicious users to cause a denial of service (application hang) or possibly have unspecified other impact via a text-to-speech request.
Google Chrome
7.8
CVSSv3
CVE-2021-28927
The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platform_win32.c via the accessibility_speak_windows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code v...
Libretro Retroarch
NA
CVE-2007-0018
Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote malicious users to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NC...
Mcfunsoft Audio Studio 6.6.3 Build 479
J Hepple Products Fx Movie Joiner And Splitter 6.2.8
Movavi Suite 3.5
Movavi Dvd To Ipod 1.0
Cheetahburner Cheetah Dvd Burner 1.79
Mcfunsoft Ipod Music Converter 5.1
Mystik Media Products Blaze Media Pro 7.0
Xrlly Software Arial Audio Converter 2.3.40
Code-it Softare Wave Mp3 Editor 10.1
Softdiv Softare Videozilla 2.5
Code-it Softare Abasic Editor 10.1
Dandans Digital Media Products Music Editing Master 5.2
Magicvideosoftare Magic Music Editor 5.2.2
Mcfunsoft Recording To Ipod Solution 5.1
Softdiv Softare Dexster 3.0
Nctsoft Products Nctaudioeditor 2.7.1
Dandans Digital Media Products Easy Audio Editor 7.4
Cdburnerxp Cdburnerxp Pro 3.0.116
Dandans Digital Media Products Full Audio Converter 4.2
Magicvideosoftare Magic Audio Converter 8.2.6 Build 719
J Hepple Products Fx Audio Editor 4.7.11
Virtual Cd Virtual Cd 7.1.0.2
3 EDB exploits
NA
CVE-2024-0828
The Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 3.6.4. This makes it possible for ...
NA
CVE-2024-0827
The Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.4. This is due to missing or incorrect nonce validation on several functions. This makes it pos...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »