SUSE CVE-2004-1176

Buffer underflow in extfs.c in Midnight Commander mc 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code...

SUSE CVE-2005-0763

Buffer overflow in Midnight Commander mc 4.5.55 and earlier may allow attackers to execute arbitrary code...

SUSE CVE-2012-4463

Midnight Commander mc 4.8.5 does not properly handle the 1 MCEXTSELECTED or 2 MCEXTONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name...

SUSE CVE-2021-36370

An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity...

Ubuntu: Security Advisory (USN-5160-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Intel® AMT SDK, Intel® EMA and Intel® MC Advisory

Summary: A potential security vulnerability in the Intel® Active Management Technology AMT SDK, Intel® Endpoint Management Assistant EMA and Intel® Manageability Commander MC may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability...

多款Intel产品安全漏洞

Intel Active Management Technology AMT and others are products of Intel Corporation.Intel Active Management Technology is a set of hardware-based computer remote active management technology software.Intel Endpoint Management Assistant Intel EMA is a management software application for managing...

USN-5160-1: Midnight Commander vulnerability

It was discovered that Midnight Commander would not check server fingerprints when establishing an SFTP connection. If a remote attacker were able to intercept communications this flaw could be exploited to impersonate the SFTP server...

USN-5160-1 mc vulnerability

It was discovered that Midnight Commander would not check server fingerprints when establishing an SFTP connection. If a remote attacker were able to intercept communications this flaw could be exploited to impersonate the SFTP server...

OESA-2022-1771 mc security update

GNU Midnight Commander is a visual file manager, licensed under GNU General Public License and therefore qualifies as Free Software. It's a feature rich full-screen text mode application that allows you to copy, move and delete files and whole directory trees, search for files and run commands in...

The vulnerability of the Intel Manageability Commander console for connecting and utilizing Intel Active Management functions, allowing a hacker to increase their privileges.

The vulnerability of the Intel Manageability Commander console for connecting and utilizing Intel Active Management functions is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

Passwords stored in plain text by Mail Commander Plugin for Jenkins-ci Plugin

Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

GHSA-485Q-V457-3P58 Passwords stored in plain text by Mail Commander Plugin for Jenkins-ci Plugin

Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

CVE-2021-0126

Improper input validation for the IntelR Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access...

CVE-2021-0126

Improper input validation for the IntelR Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access...

Input validation

Improper input validation for the IntelR Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access...

CVE-2021-0126

This CVE (CVE-2021-0126) affects Intel® Manageability Commander before version 2.2. The root cause is improper input validation, which could allow an authenticated user to escalate privileges via adjacent access. The issue is documented with CVSS:3.1 base score 8.0 (HIGH) in the connected sources...

CVE-2021-0126

Improper input validation for the IntelR Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access...

Intel Manageability Commander 输入验证错误漏洞

Intel Manageability Commander is a lightweight console from Intel Corporation USA. for connecting to and using Intel Active Management Technology Intel AMT features. An input validation error vulnerability exists in Intel Manageability Commander versions prior to 2.2, which stems from incorrect...

Intel® Manageability Commander Advisory

Summary: A potential security vulnerability in the Intel® Manageability Commander may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-0126 Description: Improper input validation for the IntelR...