Milkytracker Project Milkytracker vulnerabilities

CVE-2022-34927 [HIGH] CWE-787 CVE-2022-34927: MilkyTracker v1.03.00 was discovered to contain a stack overflow via the component LoaderXM::load. T MilkyTracker v1.03.00 was discovered to contain a stack overflow via the component LoaderXM::load. This vulnerability is triggered when the program is supplied a crafted XM module file.

CVE-2020-15569 [MEDIUM] CWE-416 CVE-2020-15569: PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destruct PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.

CVE-2019-14497 [HIGH] CWE-787 CVE-2019-14497: ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow.

CVE-2019-14496 [HIGH] CWE-787 CVE-2019-14496: LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflo LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow.

CVE-2019-14464 [MEDIUM] CWE-787 CVE-2019-14464: XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow. XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow.