Audacity

audacity

Vendor: Audacityteam • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-11867 2Audacityteam Fedoraproject 2Audacity Fedora Nov 21, 2024 Nov 30, 2020 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary a...Show more Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.Show less
CVE-2016-2541 1Audacityteam 1Audacity Nov 21, 2024 Feb 7, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.
CVE-2016-2540 1Audacityteam 1Audacity Nov 21, 2024 Feb 7, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.
CVE-2017-1000010 1Audacityteam 1Audacity May 13, 2026 Jul 17, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution.
CVE-2009-0490 1Audacityteam 1Audacity Apr 23, 2026 Feb 10, 2009 N/A· v4 N/A· v3 9.3 HIGH· v2 Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash)...Show more Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string.Show less
CVE-2007-6061 1Audacityteam 1Audacity Apr 23, 2026 Nov 20, 2007 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the d...Show more Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack.Show less