Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36370 | 1 Midnight-commander | 1 Midnight Commander | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity. | |||||
| CVE-2012-4463 | 1 Midnight-commander | 1 Midnight Commander | 2024-02-28 | 5.1 MEDIUM | N/A |
| Midnight Commander (mc) 4.8.5 does not properly handle the (1) MC_EXT_SELECTED or (2) MC_EXT_ONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name. | |||||