888 matches found
UBUNTU-CVE-2021-38370
In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS...
Alpine 命令注入漏洞
Alpine is an email program. A command injection vulnerability exists in Alpine 2.24 that arises from the affected product accepting an untagged response from an IMAP server before STARTTLS...
CVE-2021-38370
The CVE describes Alpine before 2.25 allowing untagged IMAP responses before STARTTLS, potentially leaking information. Affected component: Alpine IMAP handling. Root cause: insecure handling of IMAP responses prior to TLS upgrade. Impact per sources: information leakage (and related issues) when...
CVE-2021-38370
In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS...
CVE-2021-38370
In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS...
CVE-2021-38370
In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS...
ALPINE-CVE-2021-36976
libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...
ALPINE-CVE-2021-32749
fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...
ALPINE-CVE-2021-22918
Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uvidnatoascii is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. This can lead to...
ALPINE-CVE-2021-36217
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3502. Reason: This candidate is a duplicate of CVE-2021-3502. Notes: All CVE users should reference CVE-2021-3502 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
ALPINE-CVE-2021-36158
In the xrdp package in branches through 3.14 for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used...
CVE-2021-36158
In the xrdp package in branches through 3.14 for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used...
CVE-2021-36158
In the xrdp package in branches through 3.14 for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used...
CVE-2021-36158
In the xrdp package in branches through 3.14 for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used...
Code injection
In the xrdp package in branches through 3.14 for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used...
CVE-2021-36158
In the xrdp package in branches through 3.14 for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used...
CVE-2021-36158
CVE-2021-36158 affects the xrdp package in Alpine Linux (branches up to 3.14). The vulnerability arises from pre-generated RSA certificates and private keys used in RDP sessions, enabling potential man-in-the-middle attacks. The available connected documents confirm the affected environment and t...
CVE-2021-36158
In the xrdp package in branches through 3.14 for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used...
CVE-2021-36158
In the xrdp package in branches through 3.14 for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used...
Alpine Linux 安全漏洞
Alpine Linux is a lightweight Linux distribution for security applications. A security vulnerability exists in Alpine Linux xrdp version 3.14, which stems from the program's use of pre-generated RSA certificates and private keys, making the session vulnerable to man-in-the-middle attacks...