Skip to main content

Milkytracker

5 CVEs product

Monthly

CVE-2022-34927 HIGH POC PATCH This Week

MilkyTracker v1.03.00 was discovered to contain a stack overflow via the component LoaderXM::load. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Milkytracker
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-15569 MEDIUM PATCH This Month

PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Milkytracker Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.7%
CVE-2019-14497 HIGH POC This Week

ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Milkytracker Ubuntu Linux Debian Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2019-14496 HIGH POC This Week

LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Milkytracker Ubuntu Linux Debian Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2019-14464 MEDIUM POC This Month

XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Milkytracker Ubuntu Linux Debian Linux +1
NVD GitHub
CVSS 3.1
5.5
EPSS
1.3%
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

MilkyTracker v1.03.00 was discovered to contain a stack overflow via the component LoaderXM::load. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Milkytracker
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure +2
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Milkytracker +2
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Milkytracker +2
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Milkytracker +3
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy