13 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-28686
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can...
Fedora 38 : dino (2023-ea6b94395f)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-ea6b94395f advisory. Maintenance release with fix for CVE-2023-28686 and bug fixes. Tenable has extracted the preceding description block directly from the Fedora security...
MGASA-2023-0122 Updated dino packages fix security vulnerability
When a Dino client receives a specifically crafted message from an unauthorized sender, it would use information from that message to add, update or remove entries in the user’s personal bookmark store without requiring further user interaction. CVE-2023-28686...
Information Disclosure
dino is vulnerable to Information Disclosure. The attacker can modify the personal bookmark store, change the display of group chats, or force a victim to join a group chat, which can lead to the victim disclosing sensitive information...
[SECURITY] [DSA 5379-1] dino-im security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5379-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 27, 2023 https://www.debian.org/security/faq -...
CVE-2023-28686
Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive informati...
CVE-2023-28686
Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive informati...
DEBIAN-CVE-2023-28686
Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive informati...
UBUNTU-CVE-2023-28686
Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive informati...
CVE-2023-28686
Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive informati...
CVE-2023-28686
CVE-2023-28686 affects the Dino chat client prior to 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2. A crafted message can modify the user’s personal bookmark store, and may alter the display of group chats or force the victim to join a group chat, potentially leading to disclosure of sensitiv...
PT-2023-21905 · Dino +2 · Dino +2
Name of the Vulnerable Software and Affected Versions: Dino versions prior to 0.2.3 Dino versions 0.3.x prior to 0.3.2 Dino versions 0.4.x prior to 0.4.2 Description: The issue allows attackers to modify the personal bookmark store via a crafted message. This can lead to changing the display of...
CVE-2023-28686
Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive informati...