CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-10043 – abreen Apollo path traversal
https://notcve.org/view.php?id=CVE-2015-10043
14 Jan 2023 — A vulnerability, which was classified as critical, was found in abreen Apollo. This affects an unknown part. The manipulation of the argument file leads to path traversal. The patch is named 6206406630780bbd074aff34f4683fb764faba71. It is recommended to apply a patch to fix this issue. • https://github.com/abreen/Apollo/commit/6206406630780bbd074aff34f4683fb764faba71 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 10%CPEs: 1EXPL: 2CVE-2009-1351 – Apollo 37zz - '.m3u' Local Heap Overflow (PoC)
https://notcve.org/view.php?id=CVE-2009-1351
21 Apr 2009 — Heap-based buffer overflow in Apollo 37zz allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long URI in a playlist (.m3u) file. Desbordamiento de búfer basado en montículo en Apollo 37zz permite a atacantes remotos producir una denegación de servicio (caída de aplicación) y posiblemente ejecutar código a través de una URI larga en un fichero de lista de reproducción (.m3u). • https://www.exploit-db.com/exploits/8451 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •