Every CVE whose affected-product data names Openmpt Libopenmpt, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2019-17113 — CVSS 9.8 (critical): In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict…
CVE-2018-11710 — CVSS 8.8 (high): soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have…
CVE-2018-6611 — CVSS 8.8 (high): soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file.
CVE-2017-11311 — CVSS 7.8 (high): soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for…
CVE-2019-14381 — CVSS 7.5 (high): libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty…
CVE-2019-14380 — CVSS 6.5 (medium): libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files.
CVE-2018-10017 — CVSS 6.5 (medium): soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service…