Linux Distros Unpatched Vulnerability : CVE-2019-18849
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat...
PT-2021-22405 · Xstream +5 · Xstream +5
Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.18 Description: The issue allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. This can be done when using affected versions of XStream, a...
PT-2021-22411 · Xstream +5 · Xstream +5
Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.18 Description: The issue allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. Users who set up XStream's security framework with a whitelist...
PT-2021-22400 · Xstream +5 · Xstream +5
Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.18 Description: XStream is a library used to serialize objects to XML and back again. This issue may allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed inp...
PT-2021-22402 · Xstream +5 · Xstream +5
Name of the Vulnerable Software and Affected Versions: XStream versions prior to 1.4.18 Description: This issue may allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. Users who set up XStream's security framework with a...
tnef buffer overflow vulnerability (CNVD-2020-44298)
tnef is a program for decompressing files in the TNEF (Transport Neutral Encapsulation Format) format. A buffer overflow vulnerability exists in versions of tnef prior to 1.4.18. The vulnerability stems from a networked system or product performing operations in memory without properly validating...
DEBIAN-CVE-2015-0219
Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X-Auth_User header...
SquirrelMail: CSS positioning vulnerability
functions/mime.php in SquirrelMail before 1.4.18 does not protect the application's content from Cascading Style Sheets (CSS) positioning in HTML e-mail messages, which allows remote attackers to spoof the user interface, and conduct cross-site scripting (XSS) and phishing attacks, via a crafted...
Buffer overflow
Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the...
CVE-2007-4727
Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the...