Every CVE whose affected-product data names Mgetty Project Mgetty, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2018-16745 — CVSS 7.8 (high): An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a…
CVE-2018-16741 — CVSS 7.8 (high): An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell…
CVE-2018-16742 — CVSS 7.8 (high): An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line…
CVE-2018-16743 — CVSS 7.8 (high): An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to…
CVE-2018-16744 — CVSS 7.8 (high): An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow…
CVE-2019-1010190 — CVSS 5.5 (medium): mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The…
CVE-2019-1010189 — CVSS 5.5 (medium): mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is…
CVE-2003-0517 — CVSS 5.5 (medium): faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files.