23 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-32952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can causes an slice...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the ntlmssp.Negotiator process. An attacker can cause a panic and crash the application by sending a specially crafted NTLM challenge message. Remediation Upgrade github.com/Azure/go-ntlmssp to version...
EUVD-2016-0928
Malware in sbrugna...
EUVD-2023-46575
Malicious code in bioql PyPI...
EUVD-2022-37004
Malicious code in bioql PyPI...
CVE-2023-42116
Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
CVE-2023-42114
Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
CVE-2023-42116 Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability
Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
CVE-2023-42114 Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
Fedora 37 : exim (2023-0a7690525f)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0a7690525f advisory. This is an exim update fixing several security problems. Tenable has extracted the preceding description block directly from the Fedora security...
openSUSE 15 Security Update : exim (openSUSE-SU-2023:0293-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0293-1 advisory. - NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability fedora-all CVE-2023-42114 - AUTH Out-Of-Bounds Write Remote Code Executi...
Debian DSA-5512-1 : exim4 - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5512 advisory. Several vulnerabilities were discovered in Exim, a mail transport agent, which could result in remote code execution if the EXTERNAL or SPA/NTLM authenticato...
SUSE CVE-2023-42116
Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
CVE-2023-42116
Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
(0Day) Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validati...
(0Day) Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of th...
K97733133: BIG-IP APM Edge Client vulnerability CVE-2020-5893
Security Advisory Description When a user connects to a VPN using BIG-IP Edge Client over an unsecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection. CVE-2020-5893 Impact An attacker can use a man-in-the-middle MITM atta...
CVE-2022-33968
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, when an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read...
PT-2022-6997 · Exim +4 · Exim +4
Name of the Vulnerable Software and Affected Versions: Exim affected versions not specified Description: The issue is related to the handling of NTLM challenge requests in Exim, which can result in a read past the end of an allocated data structure due to the lack of proper validation of...
F5 Networks BIG-IP : BIG-IP APM Edge Client vulnerability (K97733133)
When a user connects to a VPN using BIG-IP Edge Client over an unsecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection. CVE-2020-5893 Impact An attacker can use a man-in-the-middle MITM attack by deploying a...