Skip to main content

Dino

5 CVEs product

Monthly

CVE-2023-28686 HIGH PATCH This Week

Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Dino Fedora Debian Linux
NVD
CVSS 3.1
7.1
EPSS
0.7%
CVE-2021-33896 MEDIUM PATCH This Month

Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Dino Fedora
NVD
CVSS 3.1
5.3
EPSS
1.8%
CVE-2019-16237 HIGH PATCH This Week

Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dino Ubuntu Linux Fedora Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2019-16236 HIGH POC PATCH This Week

Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Dino Ubuntu Linux Fedora Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
2.4%
CVE-2019-16235 HIGH POC PATCH This Week

Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Dino Ubuntu Linux Fedora Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Dino Fedora +1
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Dino Fedora
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dino Ubuntu Linux +2
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Dino Ubuntu Linux +2
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Dino Ubuntu Linux +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy