nongnu vulnerabilities and exploits
NA
CVE-2023-30630
Dmidecode prior to 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible.
Nongnu Dmidecode
7.5
CVSSv2
CVE-2019-17455
Libntlm up to and including 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
Nongnu Libntlm
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
1 Github repository
6.8
CVSSv2
CVE-2018-1000637
zutils version prior to version 1.8-pre2 contains a Buffer Overflow vulnerability in zcat that can result in potential denial of service or arbitrary code execution. This attack appears to be exploitable via the victim opening a crafted compressed file. This vulnerability appears...
Nongnu Zutils 1.8
Nongnu Zutils
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2014-2886
GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) characters in a gksu-run-helper argument, which allows malicious users to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted ...
Nongnu Gksu 2.0.2
4.9
CVSSv2
CVE-2013-7322
usersfile.c in liboath in OATH Toolkit prior to 2.4.1 does not properly handle lines containing an invalid one-time-password (OTP) type and a user name in /etc/users.oath, which causes the wrong line to be updated when invalidating an OTP and allows context-dependent malicious us...
Nongnu Oath Toolkit 2.0.2
Nongnu Oath Toolkit 2.0.1
Nongnu Oath Toolkit 1.12.0
Nongnu Oath Toolkit 1.10.5
Nongnu Oath Toolkit 1.8.1
Nongnu Oath Toolkit 1.8.0
Nongnu Oath Toolkit 1.4.5
Nongnu Oath Toolkit 1.4.4
Nongnu Oath Toolkit 1.0.1
Nongnu Oath Toolkit 1.0.0
Nongnu Oath Toolkit 2.0.0
Nongnu Oath Toolkit 1.12.6
Nongnu Oath Toolkit 1.10.4
Nongnu Oath Toolkit 1.10.3
Nongnu Oath Toolkit 1.6.4
Nongnu Oath Toolkit 1.6.3
Nongnu Oath Toolkit 1.4.3
Nongnu Oath Toolkit 1.4.2
Nongnu Oath Toolkit 1.12.5
Nongnu Oath Toolkit 1.12.4
Nongnu Oath Toolkit 1.12.3
Nongnu Oath Toolkit 1.10.2
6.9
CVSSv2
CVE-2010-3846
Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.
Nongnu Cvs 1.11.23
3.5
CVSSv2
CVE-2009-0359
Multiple cross-site scripting (XSS) vulnerabilities in Samizdat prior to 0.6.2 allow remote authenticated users to inject arbitrary web script or HTML via the (1) message title or (2) user full name.
Nongnu Samizdat
7.8
CVSSv2
CVE-2007-3209
Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses unencrypted connections for accounts configured with SSL/TLS, which allows remote malicious users to obtain sensitive information by sniffing the network.
Nongnu Mail Notification 4.0