CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33430
https://notcve.org/view.php?id=CVE-2024-33430
01 May 2024 — An issue in phiola/src/afilter/pcm_convert.h:513 of phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via the a crafted .wav file. Un problema en phiola/src/afilter/pcm_convert.h:513 de phiola v2.0-rc22 permite a un atacante remoto ejecutar código arbitrario a través de un archivo .wav manipulado. • https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/segmentFault-1/poc/I2ZFI3~5 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-482: Comparing instead of Assigning •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33429
https://notcve.org/view.php?id=CVE-2024-33429
01 May 2024 — Buffer-Overflow vulnerability at pcm_convert.h:513 of phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via a crafted .wav file. Vulnerabilidad de desbordamiento de búfer en pcm_convert.h:513 de phiola v2.0-rc22 permite a un atacante remoto ejecutar código arbitrario a través de un archivo .wav manipulado. • https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-2/heap-buffer-overflow-2.assets/image-20240420011116818.png • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33431
https://notcve.org/view.php?id=CVE-2024-33431
01 May 2024 — An issue in phiola/src/afilter/conv.c:115 of phiola v2.0-rc22 allows a remote attacker to cause a denial of service via a crafted .wav file. Un problema en phiola/src/afilter/conv.c:115 de phiola v2.0-rc22 permite a un atacante remoto provocar una denegación de servicio a través de un archivo .wav manipulado. • https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.assets/image-20240420004701828.png • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33428
https://notcve.org/view.php?id=CVE-2024-33428
01 May 2024 — Buffer-Overflow vulnerability at conv.c:68 of stsaz phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via the a crafted .wav file. Vulnerabilidad de desbordamiento de búfer en conv.c:68 de stsaz phiola v2.0-rc22 permite a un atacante remoto ejecutar código arbitrario a través de un archivo .wav manipulado. • https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/heap-buffer-overflow-1/heap-buffer-overflow-1.assets/image-20240420005017430.png • CWE-122: Heap-based Buffer Overflow •