Lucene search
+L

9 matches found

OpenVAS
OpenVAS
added 2024/02/22 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-6584-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.09643EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2024/01/16 12:0 a.m.15 views

Ubuntu: Security Advisory (USN-6584-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.09643EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2024/01/15 5:17 p.m.35 views

USN-6584-1: Libspf2 vulnerabilities

Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

9.8CVSS8.4AI score0.09643EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/01/15 12:0 a.m.30 views

GLSA-202401-22 : libspf2: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-22 libspf2: Multiple vulnerabilities - Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF...

9.8CVSS9.2AI score0.09643EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2022/01/21 12:0 a.m.39 views

Debian DLA-2890-1 : libspf2 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2890 advisory. - libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail messag...

9.8CVSS8.3AI score0.09643EPSS
Exploits2References7
NVD
NVD
added 2022/01/19 6:15 p.m.20 views

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

9.8CVSS0.09643EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/01/19 12:0 a.m.28 views

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

10AI score0.09643EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2022/01/19 12:0 a.m.49 views

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

9.8CVSS9.9AI score0.09643EPSS
Exploits1
CVE
CVE
added 2022/01/19 12:0 a.m.108 views

CVE-2021-33912

Libspf2 prior to 1.2.11 contains a four-byte heap-based buffer overflow triggered by crafting SPF DNS records, due to incorrect sprintf usage in SPF_record_expand_data (spf_expand.c). This can allow a remote attacker to execute arbitrary code via an unauthenticated email message. The vulnerabilit...

9.8CVSS9.7AI score0.09643EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder