Nongnu : Security Vulnerabilities, CVEs, CVSS score >= 7
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible.
Max CVSS
7.1
EPSS Score
0.04%
Published
2023-04-13
Updated
2023-09-28
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
Max CVSS
9.8
EPSS Score
0.63%
Published
2019-10-10
Updated
2021-11-30
zutils version prior to version 1.8-pre2 contains a Buffer Overflow vulnerability in zcat that can result in Potential denial of service or arbitrary code execution. This attack appear to be exploitable via the victim openning a crafted compressed file. This vulnerability appears to have been fixed in 1.8-pre2.
Max CVSS
7.8
EPSS Score
0.21%
Published
2018-08-20
Updated
2018-11-02
Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses unencrypted connections for accounts configured with SSL/TLS, which allows remote attackers to obtain sensitive information by sniffing the network.
Max CVSS
7.8
EPSS Score
1.04%
Published
2007-06-14
Updated
2017-07-29
4 vulnerabilities found