Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x41 d-sec gmbh vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2014-9862
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X prior to 10.11.6 and other products, allows remote malicious users to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
Apple Mac Os X
2 Github repositories
9.8
CVSSv3
CVE-2020-14315
A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an malicious user to bypass the sanity checks in place and write out of a dynamically allocated buffer b...
Daemonology Bsdiff 4.3
2 Github repositories
9.8
CVSSv3
CVE-2018-17141
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote malicious users to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Hylafax Hylafax\\+ 5.6.0
Hylafax Hylafax 6.0.6
9.8
CVSSv3
CVE-2019-11705
A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
Mozilla Thunderbird
1 EDB exploit
7.5
CVSSv3
CVE-2019-11706
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird < 60.7.1.
Mozilla Thunderbird
1 EDB exploit
9.8
CVSSv3
CVE-2019-11704
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
Mozilla Thunderbird
1 EDB exploit
7.7
CVSSv3
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
F5 Nginx
Openresty Openresty
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Ontap Select Deploy Administration Utility -
Oracle Communications Operations Monitor 3.4
Oracle Enterprise Session Border Controller 8.4
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
Oracle Communications Session Border Controller 8.4
Oracle Enterprise Session Border Controller 9.0
Oracle Communications Session Border Controller 9.0
Oracle Enterprise Communications Broker 3.3.0
Oracle Enterprise Telephony Fraud Monitor 4.2
Oracle Enterprise Telephony Fraud Monitor 4.3
Oracle Enterprise Telephony Fraud Monitor 4.4
Oracle Enterprise Telephony Fraud Monitor 3.4
Oracle Communications Operations Monitor 4.4
Oracle Communications Fraud Monitor
Oracle Communications Control Plane Monitor 4.2
Oracle Communications Control Plane Monitor 4.3
Oracle Communications Control Plane Monitor 4.4
27 Github repositories
1 Article
7.8
CVSSv3
CVE-2017-6307
An issue exists in tnef prior to 1.4.13. Two OOB Writes have been identified in src/mapi_attr.c:mapi_attr_read(). These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project Tnef
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6308
An issue exists in tnef prior to 1.4.13. Several Integer Overflows, which can lead to Heap Overflows, have been identified in the functions that wrap memory allocation.
Tnef Project Tnef
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-6309
An issue exists in tnef prior to 1.4.13. Two type confusions have been identified in the parse_file() function. These might lead to invalid read and write operations, controlled by an attacker.
Tnef Project Tnef
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »