Lucene search
K

125 matches found

ATTACKERKB
ATTACKERKB
added 2023/09/20 6:15 a.m.5 views

CVE-2023-43616

An issue was discovered in Croc through 9.6.5. A sender can cause a receiver to overwrite files during ZIP extraction...

5.5CVSS5.8AI score0.00368EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2023/09/20 6:15 a.m.4 views

CVE-2023-43621

An issue was discovered in Croc through 9.6.5. The shared secret, located on a command line, can be read by local users who list all processes and their arguments...

4.7CVSS5.8AI score0.0029EPSS
Exploits1References4
Wolfi
Wolfi
added 2023/09/20 6:15 a.m.18 views

CVE-2023-43617 vulnerabilities

Vulnerabilities for packages: croc...

5.3CVSS7.5AI score0.00628EPSS
Exploits1
Wolfi
Wolfi
added 2023/09/20 6:15 a.m.144 views

CVE-2023-43620 vulnerabilities

Vulnerabilities for packages: croc...

7.8CVSS7.5AI score0.00339EPSS
Exploits1
Wolfi
Wolfi
added 2023/09/20 6:15 a.m.141 views

CVE-2023-43621 vulnerabilities

Vulnerabilities for packages: croc...

4.7CVSS7.5AI score0.0029EPSS
Exploits1
Wolfi
Wolfi
added 2023/09/20 6:15 a.m.129 views

CVE-2023-43618 vulnerabilities

Vulnerabilities for packages: croc...

5.3CVSS7.5AI score0.004EPSS
Exploits1
Wolfi
Wolfi
added 2023/09/20 6:15 a.m.20 views

CVE-2023-43619 vulnerabilities

Vulnerabilities for packages: croc...

7.8CVSS7.5AI score0.00339EPSS
Exploits1
Chainguard
Chainguard
added 2023/09/20 6:15 a.m.28 views

CVE-2023-43620 vulnerabilities

Vulnerabilities for packages: croc...

7.8CVSS6.9AI score0.00339EPSS
Exploits1
Chainguard
Chainguard
added 2023/09/20 6:15 a.m.28 views

CVE-2023-43618 vulnerabilities

Vulnerabilities for packages: croc...

5.3CVSS6.9AI score0.004EPSS
Exploits1
Chainguard
Chainguard
added 2023/09/20 6:15 a.m.23 views

CVE-2023-43617 vulnerabilities

Vulnerabilities for packages: croc...

5.3CVSS6.9AI score0.00628EPSS
Exploits1
Chainguard
Chainguard
added 2023/09/20 6:15 a.m.12 views

CVE-2023-43619 vulnerabilities

Vulnerabilities for packages: croc...

7.8CVSS6.9AI score0.00339EPSS
Exploits1
Chainguard
Chainguard
added 2023/09/20 6:15 a.m.37 views

CVE-2023-43621 vulnerabilities

Vulnerabilities for packages: croc...

4.7CVSS6.9AI score0.0029EPSS
Exploits1
Prion
Prion
added 2023/09/20 6:15 a.m.13 views

Code injection

An issue was discovered in Croc through 9.6.5. A sender can cause a receiver to overwrite files during ZIP extraction...

1.9CVSS5.3AI score0.00368EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/09/20 6:15 a.m.10 views

Design/Logic Flaw

An issue was discovered in Croc through 9.6.5. The protocol requires a sender to provide its local IP addresses in cleartext via an ips? message...

5CVSS5AI score0.004EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/09/20 6:15 a.m.13 views

Design/Logic Flaw

An issue was discovered in Croc through 9.6.5. When a custom shared secret is used, the sender and receiver may divulge parts of this secret to an untrusted Relay, as part of composing a room name...

5CVSS5.2AI score0.00628EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/09/20 6:15 a.m.11 views

Command injection

An issue was discovered in Croc through 9.6.5. The shared secret, located on a command line, can be read by local users who list all processes and their arguments...

1CVSS4.8AI score0.0029EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/09/20 6:15 a.m.19 views

Design/Logic Flaw

An issue was discovered in Croc through 9.6.5. A sender may send dangerous new files to a receiver, such as executable content or a .ssh/authorizedkeys file...

4.4CVSS7.4AI score0.00339EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/09/20 12:0 a.m.283 views

CVE-2023-43617

CVE-2023-43617 affects Croc up to version 9.6.5. When a custom shared secret is used, parts of that secret may be divulged to an untrusted Relay as part of composing a room name. This is the disclosed root cause; no explicit mitigation or patch version is provided in the supplied documents. Other...

5.3CVSS5AI score0.00628EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/09/20 12:0 a.m.26 views

CVE-2023-43618

An issue was discovered in Croc through 9.6.5. The protocol requires a sender to provide its local IP addresses in cleartext via an ips? message...

5.4AI score0.004EPSS
Exploits1References3
CVE
CVE
added 2023/09/20 12:0 a.m.283 views

CVE-2023-43620

CVE-2023-43620 affects Croc (through 9.6.5): a sender can embed ANSI/CSI escape sequences in a filename to attack the receiver’s terminal device. The underlying issue is that filename handling naively processes escape sequences, enabling potential terminal manipulation. The connected OSV/GHSA ent...

7.8CVSS7.4AI score0.00339EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder