Filtered by vendor Pandora
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-5200 | 1 Pandora | 1 Kmplayer | 2023-03-03 | 6.8 MEDIUM | 7.8 HIGH |
KMPlayer 4.2.2.15 and earlier have a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted FLV format file. The problem is that more frame data is copied to heap memory than the size specified in the frame header. This results in a memory corruption and remote code execution. | |||||
CVE-2017-3194 | 1 Pandora | 1 Pandora | 2019-10-09 | 4.3 MEDIUM | 8.1 HIGH |
Pandora iOS app prior to version 8.3.2 fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks. |