Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x41 d-sec gmbh vulnerabilities and exploits
(subscribe to this query)
642
VMScore
CVE-2014-9862
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X prior to 10.11.6 and other products, allows remote malicious users to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
Apple Mac Os X
2 Github repositories
668
VMScore
CVE-2020-14315
A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an malicious user to bypass the sanity checks in place and write out of a dynamically allocated buffer b...
Daemonology Bsdiff 4.3
2 Github repositories
409
VMScore
CVE-2018-16744
An issue exists in mgetty prior to 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.
Mgetty Project Mgetty
409
VMScore
CVE-2018-16742
An issue exists in mgetty prior to 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.
Mgetty Project Mgetty
409
VMScore
CVE-2018-16743
An issue exists in mgetty prior to 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow.
Mgetty Project Mgetty
409
VMScore
CVE-2018-16745
An issue exists in mgetty prior to 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it.
Mgetty Project Mgetty
668
VMScore
CVE-2018-17141
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote malicious users to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Hylafax Hylafax\\+ 5.6.0
Hylafax Hylafax 6.0.6
641
VMScore
CVE-2018-16741
An issue exists in mgetty prior to 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters within a file created by the "faxq-helper act...
Mgetty Project Mgetty
Debian Debian Linux 9.0
Debian Debian Linux 8.0
755
VMScore
CVE-2019-11704
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
Mozilla Thunderbird
1 EDB exploit
505
VMScore
CVE-2019-11706
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird < 60.7.1.
Mozilla Thunderbird
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »