Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x41 d-sec gmbh vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2014-9862
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X prior to 10.11.6 and other products, allows remote malicious users to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
Apple Mac Os X
2 Github repositories
9.8
CVSSv3
CVE-2020-14315
A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an malicious user to bypass the sanity checks in place and write out of a dynamically allocated buffer b...
Daemonology Bsdiff 4.3
2 Github repositories
7.8
CVSSv3
CVE-2018-16742
An issue exists in mgetty prior to 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.
Mgetty Project Mgetty
7.8
CVSSv3
CVE-2018-16743
An issue exists in mgetty prior to 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow.
Mgetty Project Mgetty
7.8
CVSSv3
CVE-2018-16744
An issue exists in mgetty prior to 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.
Mgetty Project Mgetty
7.8
CVSSv3
CVE-2018-16745
An issue exists in mgetty prior to 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it.
Mgetty Project Mgetty
9.8
CVSSv3
CVE-2018-17141
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote malicious users to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Hylafax Hylafax\\+ 5.6.0
Hylafax Hylafax 6.0.6
9.8
CVSSv3
CVE-2019-11704
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
Mozilla Thunderbird
1 EDB exploit
5.3
CVSSv3
CVE-2018-20164
An issue exists in regex.yaml (aka regexes.yaml) in UA-Parser UAP-Core prior to 0.6.0. A Regular Expression Denial of Service (ReDoS) issue allows remote malicious users to overload a server by setting the User-Agent header in an HTTP(S) request to a value containing a long digit...
Uaparser User Agent Parser-core
7.8
CVSSv3
CVE-2018-16741
An issue exists in mgetty prior to 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters within a file created by the "faxq-helper act...
Mgetty Project Mgetty
Debian Debian Linux 9.0
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »