Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-35179 | 2024-05-15 | N/A | 6.8 MEDIUM | ||
| Stalwart Mail Server is an open-source mail server. Prior to version 0.8.0, when using `RUN_AS_USER`, the specified user (and therefore, web interface admins) can read arbitrary files as root. This issue affects admins who have set up to run stalwart with `RUN_AS_USER` who handed out admin credentials to the mail server but expect these to only grant access according to the `RUN_AS_USER` and are attacked where the attackers managed to achieve Arbitrary Code Execution using another vulnerability. Version 0.8.0 contains a patch for the issue. | |||||
| CVE-2020-35513 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-02-28 | 4.0 MEDIUM | 4.9 MEDIUM |
| A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with access to the NFS could use this flaw to starve the resources causing denial of service. | |||||