Lucene search
K

89 matches found

UbuntuCve
UbuntuCve
added 2020/05/28 12:15 p.m.44 views

CVE-2020-13645

In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate...

6.5CVSS6.8AI score0.01933EPSS
Exploits1References2
Prion
Prion
added 2020/05/28 12:15 p.m.21 views

Design/Logic Flaw

In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate...

6.4CVSS6.4AI score0.01933EPSS
Exploits1References8Affected Software4
Cvelist
Cvelist
added 2020/05/28 11:55 a.m.34 views

CVE-2020-13645

In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate...

6.6AI score0.01933EPSS
Exploits1References8
CVE
CVE
added 2020/05/28 11:55 a.m.323 views

CVE-2020-13645

Technical details for CVE-2020-13645 are not provided in the Connected documents. The Initial Description notes a hostname verification issue in GNOME glib-networking (GTlsClientConnection), but there are no product/version specifics beyond the CP4S remediation, so monitor for updates.

6.5CVSS6.4AI score0.01933EPSS
Exploits1References8Affected Software2
AlpineLinux
AlpineLinux
added 2020/05/28 11:55 a.m.47 views

CVE-2020-13645

In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate...

6.5CVSS6.7AI score0.01933EPSS
Exploits1
Debian CVE
Debian CVE
added 2020/05/28 11:55 a.m.31 views

CVE-2020-13645

In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate...

6.5CVSS6.7AI score0.01933EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2009/07/02 4:55 p.m.4 views

fetchmail/mutt/evolution/...: APOP password disclosure vulnerability

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...

2.6CVSS5.9AI score0.02423EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.33 views

Fedora Update for balsa FEDORA-2007-1447

Check for the Version of balsa OpenVAS Vulnerability Test Fedora Update for balsa FEDORA-2007-1447 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

2.6CVSS8.3AI score0.02423EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.23 views

Fedora Update for balsa FEDORA-2007-1447

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

2.6CVSS6.8AI score0.02423EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.21 views

Gentoo Security Advisory GLSA 200710-17 (balsa)

The remote host is missing updates announced in advisory GLSA 200710-17. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

6.8CVSS0.6AI score0.03893EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.14 views

Gentoo Security Advisory GLSA 200710-17 (balsa)

The remote host is missing updates announced in advisory GLSA 200710-17. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.1AI score0.03893EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.15 views

Debian Security Advisory DSA 300-1 (balsa)

The remote host is missing an update to balsa announced via advisory DSA 300-1. OpenVAS Vulnerability Test $Id: deb3001.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 300-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

7.5CVSS0.8AI score0.02543EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.14 views

Debian: Security Advisory (DSA-300)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.02543EPSS
Exploits0References3
Prion
Prion
added 2007/12/12 10:10 p.m.18 views

Stack overflow

Stack-based buffer overflow in the irfetchseq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command...

6.8CVSS8.2AI score0.03893EPSS
Exploits1References12Affected Software1
NVD
NVD
added 2007/12/12 10:10 p.m.26 views

CVE-2007-5007

Stack-based buffer overflow in the irfetchseq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command...

6.8CVSS7.8AI score0.03893EPSS
Exploits1References12
UbuntuCve
UbuntuCve
added 2007/12/12 10:10 p.m.23 views

CVE-2007-5007

Stack-based buffer overflow in the irfetchseq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command...

6.8CVSS6.4AI score0.03893EPSS
Exploits1References1
OSV
OSV
added 2007/12/12 10:10 p.m.7 views

CVE-2007-5007

Stack-based buffer overflow in the irfetchseq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command...

8.1AI score
Exploits0References12
OSV
OSV
added 2007/12/12 10:10 p.m.2 views

DEBIAN-CVE-2007-5007

Stack-based buffer overflow in the irfetchseq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command...

6.8CVSS8.4AI score0.03893EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2007/11/06 12:0 a.m.26 views

Fedora 7 : balsa-2.3.17-2.fc7 (2007-1447)

Balsa is not really listed in the list but it also lacked the verification of the server challenge. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

2.6CVSS8.2AI score0.02423EPSS
Exploits1References2
securityvulns
securityvulns
added 2007/10/18 12:0 a.m.44 views

[ GLSA 200710-17 ] Balsa: Buffer overflow

Gentoo Linux Security Advisory GLSA 200710-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

6.8CVSS7.1AI score0.03893EPSS
Exploits1
Rows per page
Query Builder