CVE-2023-26433

When adding an external mail account, processing of IMAP "capabilities" responses are not limited to plausible sizes. Attacker with access to a rogue IMAP service could trigger requests that lead to excessive resource usage and eventually service unavailability. We now limit accepted IMAP server...

CVE-2022-26433

In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138400; Issue ID: ALPS07138400...

CVE-2023-26433

When adding an external mail account, processing of IMAP "capabilities" responses are not limited to plausible sizes. Attacker with access to a rogue IMAP service could trigger requests that lead to excessive resource usage and eventually service unavailability. We now limit accepted IMAP server...

CVE-2023-26433

When adding an external mail account, processing of IMAP "capabilities" responses are not limited to plausible sizes. Attacker with access to a rogue IMAP service could trigger requests that lead to excessive resource usage and eventually service unavailability. We now limit accepted IMAP server...

CVE-2023-26433

CVE-2023-26433 affects Open-Xchange OX App Suite (OXAS-BACKEND) where IMAP capabilities responses were not constrained by size when adding an external mail account. The root cause is unbounded processing of IMAP server responses, enabling an attacker with access to a rogue IMAP service to trigger...

CVE-2022-26433

creationtimestamp| type| source ---|---|--- 2022-08-01 18:16:57+00:00| seen| https://t.me/cibsecurity/47333...

CVE-2022-26433

The CVE-2022-26433 entry concerns MediaTek mailbox (mailbox controller) with a type-confusion caused out-of-bounds write leading to local privilege escalation to SYSTEM. Affected component: mailbox handling in MediaTek devices; root cause: type confusion resulting in out-of-bounds write (exact co...

MariaDB DoS Vulnerability (MDEV-26433) - Windows

MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...

MariaDB DoS Vulnerability (MDEV-26433) - Linux

MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...

CVE-2021-26433 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability

...

CVE-2021-26433

Technical details (affected product/version, root cause, impact, or exploit information) are not provided in the connected documents for CVE-2021-26433. Monitor for updates.

KB5005033: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 Security Update (August 2021)

The remote Windows host is missing security update 5005033. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2021-26425, CVE-2021-26426, CVE-2021-26431, CVE-2021-34483, CVE-2021-34484,...

KB5005031: Windows 10 Version 1909 Security Update (August 2021)

The remote Windows host is missing security update 5005031. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2021-26424, CVE-2021-26432,...