Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ifax hylafax enterprise - vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2020-15397
HylaFAX+ up to and including 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account). This allows these users to execute code in the context of...
Hylafax\\+ Project Hylafax\\+
Ifax Hylafax Enterprise -
578
VMScore
CVE-2020-11766
sendfax.php in iFAX AvantFAX prior to 3.3.6 and HylaFAX Enterprise Web Interface prior to 0.2.5 allows authenticated Command Injection.
Ifax Hylafax
Avantfax Avantfax
641
VMScore
CVE-2020-15396
In HylaFAX+ up to and including 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.
Hylafax\\+ Project Hylafax\\+
Ifax Hylafax Enterprise -
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started