CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
2Owntone Owntone Project2Owntone Owntone ServerFeb 13, 2026 Jan 20, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 A NULL pointer dereference in the dacp_reply_playqueueedit_move function (src/httpd_dacp.c) of owntone-server commit b7e385f allows attackers to cause a Denial of Service (DoS) via sending a crafted DACP request to the s...Show more |
2Owntone Owntone Project2Owntone Owntone ServerFeb 13, 2026 Jan 20, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 A NULL pointer dereference in the parse_meta function (src/httpd_daap.c) of owntone-server commit 334beb allows attackers to cause a Denial of Service (DoS) via sending a crafted DAAP request to the server. |
2Owntone Owntone Project2Owntone Owntone ServerFeb 13, 2026 Jan 20, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in owntone-server through commit 6d604a1 (newer commit after version 28.12) allows remote attackers to cause a Denial of Service...Show more |
2Owntone Owntone Project2Owntone Owntone ServerFeb 13, 2026 Jan 20, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 NULL pointer dereference in the daap_reply_groups function in src/httpd_daap.c in owntone-server through commit 5e6f19a (newer commit after version 28.2) allows remote attackers to cause a Denial of Service. |
2Owntone Owntone Project2Owntone Owntone ServerFeb 13, 2026 Aug 10, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 OwnTone (aka owntone-server) through 28.1 has a use-after-free in net_bind() in misc.c. |