Antonio Morales Maldonado

Researcher fromSemmle Security Research Team
#16882of 53,635
15.9Total CVSS
Vulnerabilities · 2
Medium
1
Critical
1
PT-2019-4197
9.8
2019-10-03
Openmpt · Libopenmpt · CVE-2019-17113
**Name of the Vulnerable Software and Affected Versions** libopenmpt versions prior to 0.3.19 libopenmpt versions 0.4.x prior to 0.4.9 **Description** The issue is related to the functions `ModPlug InstrumentName` and `ModPlug SampleName` in `libopenmpt modplug.c`, which do not properly restrict the lengths of output-buffer strings. This can lead to a buffer overflow, allowing a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. **Recommendations** For libopenmpt versions prior to 0.3.19, update to version 0.3.19 or later. For libopenmpt versions 0.4.x prior to 0.4.9, update to version 0.4.9 or later.
PT-2016-6798
6.1
2016-07-22
Siemens · Sinema Remote Connect Server · CVE-2016-6204
**Name of the Vulnerable Software and Affected Versions** Siemens SINEMA Remote Connect Server versions prior to 1.2 **Description** The issue is related to a cross-site scripting (XSS) vulnerability in the integrated web server. This allows remote attackers to inject arbitrary web script or HTML via a crafted URL. **Recommendations** For versions prior to 1.2, update to version 1.2 or later to resolve the issue.