cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
In the extension script, a SQL injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.
Source: Red Hat, Inc.
Max CVSS
8.8
EPSS Score
0.15%
Published
2023-08-11
Updated
2024-02-16
Incorrect handling of URL fragments in Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.
Source: Apache Software Foundation
Max CVSS
7.5
EPSS Score
0.37%
Published
2021-06-29
Updated
2021-09-20
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.
Source: MITRE
Max CVSS
4.3
EPSS Score
0.83%
Published
2020-06-24
Updated
2021-11-30
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."
Source: MITRE
Max CVSS
5.9
EPSS Score
0.23%
Published
2020-06-21
Updated
2023-02-27
Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
Source: MITRE
Max CVSS
7.5
EPSS Score
0.95%
Published
2020-06-19
Updated
2023-01-28
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.
Source: MITRE
Max CVSS
6.5
EPSS Score
0.18%
Published
2020-06-17
Updated
2022-03-09
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.13%
Published
2020-06-17
Updated
2022-03-09
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.13%
Published
2020-06-17
Updated
2022-03-09
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.15%
Published
2020-06-17
Updated
2022-03-09
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
Source: MITRE
Max CVSS
6.5
EPSS Score
0.94%
Published
2020-06-17
Updated
2022-03-09
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary.
Source: MITRE
Max CVSS
7.5
EPSS Score
1.69%
Published
2020-06-17
Updated
2024-05-17
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed."
Source: MITRE
Max CVSS
7.5
EPSS Score
1.69%
Published
2020-06-17
Updated
2024-05-17
An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.
Source: MITRE
Max CVSS
7.5
EPSS Score
0.80%
Published
2020-06-17
Updated
2022-03-10
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
Source: MITRE
Max CVSS
7.5
EPSS Score
1.44%
Published
2020-06-17
Updated
2022-03-10
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
Source: MITRE
Max CVSS
7.5
EPSS Score
0.16%
Published
2020-06-17
Updated
2022-03-10
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).
Source: MITRE
Max CVSS
8.1
EPSS Score
3.41%
Published
2020-06-16
Updated
2021-11-17
The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.
Source: MITRE
Max CVSS
7.5
EPSS Score
0.50%
Published
2020-06-15
Updated
2023-01-27
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.
Source: MITRE
Max CVSS
5.9
EPSS Score
0.43%
Published
2020-06-15
Updated
2022-04-27
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).
Source: MITRE
Max CVSS
8.1
EPSS Score
5.31%
Published
2020-06-14
Updated
2021-11-17
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).
Source: MITRE
Max CVSS
8.1
EPSS Score
3.40%
Published
2020-06-14
Updated
2021-11-17
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.
Source: MITRE
Max CVSS
7.5
EPSS Score
0.34%
Published
2020-06-06
Updated
2022-04-05
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
Source: MITRE
Max CVSS
7.5
EPSS Score
3.71%
Published
2020-06-04
Updated
2021-03-08
rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation.
Source: MITRE
Max CVSS
6.8
EPSS Score
0.53%
Published
2020-06-04
Updated
2022-10-07
An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to test for the existence of arbitrary files and to trigger an open on arbitrary files with mode O_RDWR. To achieve this, relative path components need to be added to the device path, as demonstrated by a v4l-conf -c /dev/../root/.bash_history command.
Source: MITRE
Max CVSS
4.4
EPSS Score
0.04%
Published
2020-06-08
Updated
2022-04-28
PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. This can result in the file type being misinterpreted by the receiver or any mail relay processing the message.
Source: MITRE
Max CVSS
7.5
EPSS Score
0.90%
Published
2020-06-08
Updated
2023-01-20