Skip to main content
CVE-2017-16942 MEDIUM This Month

In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Libsndfile
NVD GitHub
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-16946 MEDIUM PATCH This Month

The admin_edit function in app/Controller/UsersController.php in MISP 2.4.82 mishandles the enable_password field, which allows admins to discover a hashed password by reading the audit log. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

PHP Information Disclosure Misp
NVD GitHub VulDB
CVSS 3.0
4.9
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy