Vulnerabilities > Alsa Project > Alsa

DATE CVE VULNERABILITY TITLE RISK
2019-11-09 CVE-2009-0035 Link Following vulnerability in Alsa-Project Alsa 1.0.19
alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts.
local
low complexity
alsa-project CWE-59
3.6
2019-07-05 CVE-2019-13351 posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 (as distributed with alsa-plugins 1.1.7 and later) has a "double file descriptor close" issue during a failed connection attempt when jackd2 is not running. 6.8