Skip to main content

Isync

2 CVEs product

Monthly

CVE-2021-44143 CRITICAL PATCH Act Now

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Isync Debian Linux +1
NVD
CVSS 3.1
9.8
EPSS
3.7%
CVE-2013-0289 MEDIUM PATCH This Month

Isync 0.4 before 1.0.6, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Isync
NVD
CVSS 2.0
4.3
EPSS
0.6%
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +3
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Isync 0.4 before 1.0.6, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Isync
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy