Filtered by vendor Owntone Subscriptions
Filtered by product Owntone-server Subscriptions

Search

Switch to Advanced Search (Beta)
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-26828 1 Owntone 1 Owntone-server 2026-03-24 7.5 High
A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap.c) of owntone-server commit 3d1652d allows attackers to cause a Denial of Service (DoS) via sending a crafted DAAP request to the server
CVE-2026-26829 1 Owntone 1 Owntone-server 2026-03-24 7.5 High
A NULL pointer dereference in the safe_atou64 function (src/misc.c) of owntone-server through commit c4d57aa allows attackers to cause a Denial of Service (DoS) via sending a series of crafted HTTP requests to the server.
CVE-2025-63647 1 Owntone 2 Owntone-server, Owntone Server 2026-02-13 7.5 High
A NULL pointer dereference in the parse_meta function (src/httpd_daap.c) of owntone-server commit 334beb allows attackers to cause a Denial of Service (DoS) via sending a crafted DAAP request to the server.
CVE-2025-63648 1 Owntone 2 Owntone-server, Owntone Server 2026-02-13 7.5 High
A NULL pointer dereference in the dacp_reply_playqueueedit_move function (src/httpd_dacp.c) of owntone-server commit b7e385f allows attackers to cause a Denial of Service (DoS) via sending a crafted DACP request to the server.
CVE-2025-57155 1 Owntone 2 Owntone-server, Owntone Server 2026-02-13 7.5 High
NULL pointer dereference in the daap_reply_groups function in src/httpd_daap.c in owntone-server through commit 5e6f19a (newer commit after version 28.2) allows remote attackers to cause a Denial of Service.
CVE-2025-57156 1 Owntone 2 Owntone-server, Owntone Server 2026-02-13 7.5 High
NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in owntone-server through commit 6d604a1 (newer commit after version 28.12) allows remote attackers to cause a Denial of Service (crash).