Skip to main content

Stepmania

2 CVEs product

Monthly

CVE-2022-25010 CRITICAL PATCH Act Now

The component /rootfs in RageFile of Stepmania v5.1b2 and below allows attackers access to the entire file system. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Stepmania
NVD GitHub
CVSS 3.1
9.1
EPSS
1.0%
CVE-2020-20412 MEDIUM POC This Month

lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Stepmania Libvorbis
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

The component /rootfs in RageFile of Stepmania v5.1b2 and below allows attackers access to the entire file system. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Stepmania
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Stepmania Libvorbis
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy