CVE-2018-14354
- EPSS 6.23%
- Veröffentlicht 17.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:48:53
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscripti...
CVE-2018-14355
- EPSS 3.32%
- Veröffentlicht 17.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:48:54
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name.
CVE-2018-14356
- EPSS 3.17%
- Veröffentlicht 17.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:48:54
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.
CVE-2018-14357
- EPSS 4.95%
- Veröffentlicht 17.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:48:54
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription.
CVE-2018-14358
- EPSS 3.92%
- Veröffentlicht 17.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:48:54
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.
CVE-2018-14359
- EPSS 4.13%
- Veröffentlicht 17.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:48:54
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.
CVE-2018-14362
- EPSS 3.67%
- Veröffentlicht 17.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:48:55
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.
CVE-2018-10840
- EPSS 0.67%
- Veröffentlicht 16.07.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:07
Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function. An attacker could exploit this by operating on a mounted crafted ext4 image.
CVE-2018-0360
- EPSS 1.73%
- Veröffentlicht 16.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:03
ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.
CVE-2018-10875
- EPSS 0.59%
- Veröffentlicht 13.07.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:11
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.