pkg:Debian/smplayer

All known vulnerabilities

• CRITICAL9.8CVE-2017-2922An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8.
  from 0, < 18.5.0~ds1-1
• CRITICAL9.8CVE-2017-2921An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8.
  from 0, < 18.5.0~ds1-1
• CRITICAL9.8CVE-2017-2894An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8.
  from 0, < 18.5.0~ds1-1
• CRITICAL9.8CVE-2017-2892An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8.
  from 0, < 18.5.0~ds1-1
• CRITICAL9.8CVE-2017-2891An exploitable use-after-free vulnerability exists in the HTTP server implementation of Cesanta Mongoose 6.8.
  from 0, < 18.5.0~ds1-1
• CRITICAL9.1CVE-2018-18765An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13.
  from 0, < 18.5.0~ds1-1
• CRITICAL9.1CVE-2018-18764An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13.
  from 0, < 18.5.0~ds1-1
• HIGH8.2CVE-2017-2895An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8.
  from 0, < 18.5.0~ds1-1
• HIGH7.5CVE-2018-10945The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read…
  from 0, < 18.5.0~ds1-1
• HIGH7.5CVE-2017-2909An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8 library.
  from 0, < 18.5.0~ds1-1
• HIGH7.5CVE-2017-2893An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8.
  from 0, < 18.5.0~ds1-1