Lucene search
K

79 matches found

ArchLinux
ArchLinux
added 2021/12/03 12:0 a.m.45 views

[ASA-202112-5] isync: arbitrary code execution

Arch Linux Security Advisory ASA-202112-5 ========================================= Severity: Medium Date : 2021-12-03 CVE-ID : CVE-2021-3657 CVE-2021-44143 Package : isync Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2579 Summary ======= The package isyn...

9.8CVSS1.8AI score0.03662EPSS
Exploits0References13
NVD
NVD
added 2021/11/22 8:15 p.m.14 views

CVE-2021-44143

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers i.e., one that starts with an empty line to provoke a heap overflow, which could conceivably be exploited for remote...

9.8CVSS0.03662EPSS
Exploits0References7
OSV
OSV
added 2021/11/22 8:15 p.m.1 views

DEBIAN-CVE-2021-44143

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers i.e., one that starts with an empty line to provoke a heap overflow, which could conceivably be exploited for remote...

9.8CVSS8.7AI score0.03662EPSS
Exploits0References1
Prion
Prion
added 2021/11/22 8:15 p.m.20 views

Design/Logic Flaw

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers i.e., one that starts with an empty line to provoke a heap overflow, which could conceivably be exploited for remote...

7.5CVSS9.5AI score0.03662EPSS
Exploits0References7Affected Software3
UbuntuCve
UbuntuCve
added 2021/11/22 8:15 p.m.28 views

CVE-2021-44143

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers i.e., one that starts with an empty line to provoke a heap overflow, which could conceivably be exploited for remote...

9.8CVSS7.3AI score0.03662EPSS
Exploits0References4
OSV
OSV
added 2021/11/22 8:15 p.m.3 views

UBUNTU-CVE-2021-44143

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers i.e., one that starts with an empty line to provoke a heap overflow, which could conceivably be exploited for remote...

9.8CVSS7.5AI score0.03662EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/11/22 7:29 p.m.23 views

CVE-2021-44143

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers i.e., one that starts with an empty line to provoke a heap overflow, which could conceivably be exploited for remote...

9.8AI score0.03662EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2021/11/22 7:29 p.m.27 views

CVE-2021-44143

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers i.e., one that starts with an empty line to provoke a heap overflow, which could conceivably be exploited for remote...

9.8CVSS9.6AI score0.03662EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/11/22 7:29 p.m.50 views

CVE-2021-44143

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers i.e., one that starts with an empty line to provoke a heap overflow, which could conceivably be exploited for remote...

9.8CVSS9.6AI score0.03662EPSS
Exploits0
CNNVD
CNNVD
added 2021/11/22 12:0 a.m.3 views

Apple Isync 缓冲区错误漏洞

Apple Isync is an American Apple Apple software that only runs under the Mac OS X operating system. Its function is to synchronize iCal and Address Book with MobileMe as well as a number of devices including iPods, SyncML-enabled phones, Palm OS and smartphones. A security vulnerability exists in...

9.8CVSS8.7AI score0.03662EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2021/11/22 12:0 a.m.5 views

PT-2021-24041 · Isync +2 · Isync +2

Name of the Vulnerable Software and Affected Versions: isync versions 1.4.0 through 1.4.3 Description: A flaw was found in mbsync due to an unchecked condition, allowing a malicious or compromised IMAP server to use a crafted mail message that lacks headers to provoke a heap overflow, which could...

9.8CVSS7AI score0.03662EPSS
Exploits0References25
OPENSUSE Linux
OPENSUSE Linux
added 2021/08/24 12:0 a.m.53 views

Security update for isync (moderate)

openSUSE Security Update: Security update for isync Announcement ID: openSUSE-SU-2021:1185-1 Rating: moderate References: 1186939 Cross-References: CVE-2021-3578 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: This update for...

7.8CVSS7.6AI score0.00998EPSS
Exploits0References1
OSV
OSV
added 2021/08/23 6:6 p.m.9 views

OPENSUSE-SU-2021:1185-1 Security update for isync

This update for isync fixes the following issues: Update to version 1.3.6 This is a security release that fixes CVE-2021-3578. This update was imported from the openSUSE:Leap:15.2:Update update project...

7.8CVSS7.6AI score0.00998EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/08/21 12:0 a.m.31 views

openSUSE 15 Security Update : isync (openSUSE-SU-2021:1170-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1170-1 advisory. - A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrar...

7.8CVSS8.1AI score0.00998EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/08/21 12:0 a.m.17 views

openSUSE: Security Advisory for isync (openSUSE-SU-2021:1170-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.8AI score0.00998EPSS
Exploits0References2
OSV
OSV
added 2021/08/20 12:7 p.m.5 views

OPENSUSE-SU-2021:1170-1 Security update for isync

This update for isync fixes the following issues: Update to version 1.3.6 This is a security release that fixes CVE-2021-3578...

7.8CVSS7.6AI score0.00998EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/08/20 12:0 a.m.50 views

Security update for isync (moderate)

openSUSE Security Update: Security update for isync Announcement ID: openSUSE-SU-2021:1170-1 Rating: moderate References: 1186939 Cross-References: CVE-2021-3578 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for isync fixes...

7.8CVSS7.6AI score0.00998EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/06/17 12:0 a.m.17 views

Fedora: Security Advisory for isync (FEDORA-2021-f236f9f01a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS8.3AI score0.00998EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/17 12:0 a.m.17 views

Fedora: Security Advisory for isync (FEDORA-2021-754af4d52b)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS8.3AI score0.00998EPSS
Exploits0References2
Veracode
Veracode
added 2021/06/12 10:1 p.m.33 views

Remote Code Execution

isync is vulnerable to remote code execution. An unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This behavior can be exploited to execute arbitrary code on...

7.8CVSS5.3AI score0.00998EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder