Milkytracker CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-34927	1 Milkytracker Project	1 Milkytracker	2024-11-21	7.8 High
MilkyTracker v1.03.00 was discovered to contain a stack overflow via the component LoaderXM::load. This vulnerability is triggered when the program is supplied a crafted XM module file.
CVE-2020-15569	2 Debian, Milkytracker Project	2 Debian Linux, Milkytracker	2024-11-21	5.5 Medium
PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.
CVE-2019-14497	3 Canonical, Debian, Milkytracker Project	3 Ubuntu Linux, Debian Linux, Milkytracker	2024-11-21	7.8 High
ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow.
CVE-2019-14496	3 Canonical, Debian, Milkytracker Project	3 Ubuntu Linux, Debian Linux, Milkytracker	2024-11-21	7.8 High
LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow.
CVE-2019-14464	4 Canonical, Debian, Fedoraproject and 1 more	4 Ubuntu Linux, Debian Linux, Fedora and 1 more	2024-11-21	5.5 Medium
XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow.

Page 1 of 1.