Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nullsoft vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2007-4619
Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC prior to 1.2.1, as used in Winamp prior to 5.5 and other products, allow user-assisted remote malicious users to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resul...
Flac Libflac
Nullsoft Winamp
5
CVSSv2
CVE-2001-1304
Buffer overflow in SHOUTcast Server 1.8.2 allows remote malicious users to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header.
Nullsoft Shoutcast Server 1.8.2
4.3
CVSSv2
CVE-2007-1229
Cross-site scripting (XSS) vulnerability in the Nullsoft ShoutcastServer 1.9.7 allows remote malicious users to inject arbitrary web script or HTML via the top-level URI on the Incoming interface (port 8001/tcp), which is not properly handled in the administrator interface when v...
Nullsoft Shoutcast Server 1.9.7
1 EDB exploit
6.8
CVSSv2
CVE-2007-6403
Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote malicious users to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the vict...
Winamp Nullsoft Winamp 5.32
1 EDB exploit
7.5
CVSSv2
CVE-2004-1373
Format string vulnerability in SHOUTcast 1.9.4 allows remote malicious users to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.
Nullsoft Shoutcast Server 1.9.4
3 EDB exploits
2.1
CVSSv2
CVE-2003-1174
Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL.
Nullsoft Shoutcast Server 1.9.2
2 EDB exploits
9.3
CVSSv2
CVE-2009-0186
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent malicious users to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
Nullsoft Winamp 5.541
Nullsoft Winamp 5.55
Mega-nerd Libsndfile 1.0.14
Mega-nerd Libsndfile 1.0.13
Mega-nerd Libsndfile 1.0.12
Mega-nerd Libsndfile 1.0.5
Mega-nerd Libsndfile 1.0.4
Mega-nerd Libsndfile 0.0.28
Mega-nerd Libsndfile 0.0.8
Mega-nerd Libsndfile 1.0.11
Mega-nerd Libsndfile 1.0.10
Mega-nerd Libsndfile 1.0.3
Mega-nerd Libsndfile 1.0.2
Mega-nerd Libsndfile
Mega-nerd Libsndfile 1.0.17
Mega-nerd Libsndfile 1.0.9
Mega-nerd Libsndfile 1.0.8
Mega-nerd Libsndfile 1.0.1
Mega-nerd Libsndfile 1.0.0
Mega-nerd Libsndfile 1.0.16
Mega-nerd Libsndfile 1.0.15
Mega-nerd Libsndfile 1.0.7
4.3
CVSSv2
CVE-2015-0941
The Inetc plugin for Nullsoft Scriptable Install System (NSIS), as used in CERT/CC Failure Observation Engine (FOE) and other products, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and possibly execute arbitr...
Inetc Project Inetc
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8