Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Banshee-project Subscribe
Filtered by product Banshee
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-3998 1 Banshee-project 1 Banshee 2011-09-14 6.9 MEDIUM N/A
The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GST_PLUGIN_PATH.
CVE-2009-1175 1 Banshee-project 1 Banshee 2009-04-01 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in apps/web/vs_diag.cgi in the DAAP extension in Banshee 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the server parameter, which is not properly handled in an error message.