CVE-2018-14573

A Local File Inclusion LFI vulnerability exists in the Web Interface API of TightRope Media Carousel Digital Signage before 7.3.5. The RenderingFetch API allows for the downloading of arbitrary files through the use of directory traversal sequences, aka CSL-1683...

CVE-2018-14358

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field...

ALPINE-CVE-2018-14358

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field...

Stack overflow

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field...

DEBIAN-CVE-2018-14358

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field...

ALPINE-CVE-2018-14350

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field...

CVE-2018-14350

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field...

DEBIAN-CVE-2018-14350

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field...

CVE-2018-14350

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field...

CVE-2018-14350

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field...

UBUNTU-CVE-2018-14358

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field...

CVE-2018-14350

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field...

UBUNTU-CVE-2018-14350

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field...

Directory traversal

Directory traversal in Jester web framework 0.2.0 allows remote attackers to fetch files in arbitrary locations via "..%f" sequences...

CVE-2018-13034

Directory traversal in Jester web framework 0.2.0 allows remote attackers to fetch files in arbitrary locations via "..%f" sequences...

PT-2018-3303 · Mutt +5 · Mutt +5

Name of the Vulnerable Software and Affected Versions: Mutt versions prior to 1.10.1 NeoMutt versions prior to 2018-07-16 Description: The issue is related to a stack-based buffer overflow in the imap/message.c file of the Mutt and NeoMutt email clients. This overflow occurs when handling a FETCH...

PT-2018-2728 · Mutt +5 · Mutt +5

Name of the Vulnerable Software and Affected Versions: Mutt versions prior to 1.10.1 NeoMutt versions prior to 2018-07-16 Description: The issue is related to a stack-based buffer overflow in the imap/message.c file for a FETCH response with a long INTERNALDATE field. This can be exploited by a...

CVE-2018-12633

An issue was discovered in the Linux kernel through 4.17.2. vbgmiscdeviceioctl in drivers/virt/vboxguest/vboxguestlinux.c reads the same user data twice with copyfromuser. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables...

Security Bulletin: Vulnerability in Open Source cURL Libcurl affects IBM PureApplication. (CVE-2017-1000257)

Summary Vulnerability in Open Source cURL Libcurl affects IBM PureApplication. Vulnerability Details CVEID: CVE-2017-1000257 DESCRIPTION: cURL is vulnerable to a denial of service, caused by a buffer overread in the IMAP handler. By using a specially crafted IMAP FETCH response, a remote attacker...

CVE-2018-5131

Under certain circumstances the "fetch" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessib...