Wikepage Opus vulnerabilities

CVE-2022-25345 [HIGH] CVE-2022-25345: All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non- All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash.

CVE-2017-0381 [HIGH] CVE-2017-0381: An information disclosure vulnerability in silk/NLSF_stabilize An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31607432.

CVE-2013-0899 [MEDIUM] CVE-2013-0899: Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet.

CVE-2008-1956 [MEDIUM] CWE-79 CVE-2008-1956: Cross-site scripting (XSS) vulnerability in index.php in Wikepage Opus 13 2007.2 allows remote attac Cross-site scripting (XSS) vulnerability in index.php in Wikepage Opus 13 2007.2 allows remote attackers to inject arbitrary web script or HTML via the wiki parameter.

CVE-2008-1884 [MEDIUM] CVE-2008-1884: Directory traversal vulnerability in index.php in Wikepage Opus 13 2007.2 allows remote attackers to Directory traversal vulnerability in index.php in Wikepage Opus 13 2007.2 allows remote attackers to read arbitrary files via directory traversal sequences in the wiki parameter, a different vector than CVE-2006-4418.

CVE-2007-5295 [MEDIUM] CWE-79 CVE-2007-5295: Multiple cross-site scripting (XSS) vulnerabilities in index.php in (a) Wikepage Opus 13 2007.2 and Multiple cross-site scripting (XSS) vulnerabilities in index.php in (a) Wikepage Opus 13 2007.2 and (b) TipiWiki 2 allow remote attackers to inject arbitrary web script or HTML via the (1) PageContent and (2) PageName parameters.