Lucene search
K

141 matches found

Veracode
Veracode
added 2022/01/20 5:38 a.m.23 views

Remote Code Execution (RCE)

libspf2 is vulnerable to remote code execution. The vulnerability exists due to a heap-based buffer overflow that allowing an attacker to inject maliciously crafted script into the system...

9.8CVSS4.3AI score0.09643EPSS
Exploits1References6Affected Software2
OSV
OSV
added 2022/01/19 6:15 p.m.2 views

DEBIAN-CVE-2021-33913

libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...

9.8CVSS8.6AI score0.09643EPSS
Exploits1References1
NVD
NVD
added 2022/01/19 6:15 p.m.19 views

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

9.8CVSS0.09643EPSS
Exploits1References4
OSV
OSV
added 2022/01/19 6:15 p.m.19 views

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

9.8CVSS9.8AI score
Exploits0References4
OSV
OSV
added 2022/01/19 6:15 p.m.5 views

ALPINE-CVE-2021-33913

libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...

9.8CVSS8.3AI score0.09643EPSS
Exploits1References1
Prion
Prion
added 2022/01/19 6:15 p.m.20 views

Heap overflow

libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...

9.3CVSS9.8AI score0.09643EPSS
Exploits1References4Affected Software1
UbuntuCve
UbuntuCve
added 2022/01/19 6:15 p.m.23 views

CVE-2021-33913

libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...

9.8CVSS7.5AI score0.09643EPSS
Exploits1References4
Prion
Prion
added 2022/01/19 6:15 p.m.23 views

Heap overflow

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

9.3CVSS9.8AI score0.09643EPSS
Exploits1References4Affected Software2
UbuntuCve
UbuntuCve
added 2022/01/19 6:15 p.m.23 views

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

9.8CVSS7.5AI score0.09643EPSS
Exploits1References4
OSV
OSV
added 2022/01/19 6:15 p.m.2 views

UBUNTU-CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

9.8CVSS7.7AI score0.09643EPSS
Exploits1References5
OSV
OSV
added 2022/01/19 6:15 p.m.1 views

UBUNTU-CVE-2021-33913

libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...

9.8CVSS7.7AI score0.09643EPSS
Exploits1References5
CVE
CVE
added 2022/01/19 12:0 a.m.114 views

CVE-2021-33913

CVE-2021-33912 and CVE-2021-33913 affect libspf2 prior to 1.2.11. Multiple advisories (Ubuntu USN-6584-1/2, Debian DLA-2890-1, Gentoo GLSA-202401-22, Debian DLA-2890) describe heap-based buffer overflows in SPF_record_expand_data and related code, which could allow remote attackers to execute arb...

9.8CVSS9.7AI score0.09643EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/01/19 12:0 a.m.4 views

PT-2022-10299 · Exim +5 · Exim +5

Name of the Vulnerable Software and Affected Versions: libspf2 versions prior to 1.2.11 Description: The issue is related to a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with ...

9.8CVSS8.3AI score0.51474EPSS
Exploits2References36
CVE
CVE
added 2022/01/19 12:0 a.m.105 views

CVE-2021-33912

Libspf2 prior to 1.2.11 contains a four-byte heap-based buffer overflow triggered by crafting SPF DNS records, due to incorrect sprintf usage in SPF_record_expand_data (spf_expand.c). This can allow a remote attacker to execute arbitrary code via an unauthenticated email message. The vulnerabilit...

9.8CVSS9.7AI score0.09643EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/01/19 12:0 a.m.25 views

CVE-2021-33913

libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...

10AI score0.09643EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2022/01/19 12:0 a.m.35 views

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

9.8CVSS9.9AI score0.09643EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2022/01/19 12:0 a.m.37 views

CVE-2021-33913

libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...

9.8CVSS9.9AI score0.09643EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/01/19 12:0 a.m.36 views

CVE-2021-33913

libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...

9.8CVSS9.9AI score0.09643EPSS
Exploits1
Mageia
Mageia
added 2021/10/02 6:57 p.m.23 views

Updated libspf2 packages fix security vulnerability

Updated libspf2 packages fix buffer overflow...

9.8CVSS3.5AI score0.0281EPSS
Exploits0References3
OSV
OSV
added 2021/10/02 6:57 p.m.6 views

MGASA-2021-0454 Updated libspf2 packages fix security vulnerability

Updated libspf2 packages fix buffer overflow...

9.8CVSS9.6AI score0.0281EPSS
Exploits0References4
Rows per page
Query Builder