CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 1CVE-2021-35975
https://notcve.org/view.php?id=CVE-2021-35975
30 Nov 2023 — Absolute path traversal vulnerability in the Systematica SMTP Adapter component (up to v2.0.1.101) in Systematica Radius (up to v.3.9.256.777) allows remote attackers to read arbitrary files via a full pathname in GET parameter "file" in URL. Also: affected components in same product - HTTP Adapter (up to v.1.8.0.15), MSSQL MessageBus Proxy (up to v.1.1.06), Financial Calculator (up to v.1.3.05), FIX Adapter (up to v.2.4.0.25) Vulnerabilidad de path traversal absoluto en el componente Systematica SMTP Adapt... • https://github.com/fbkcs/CVE-2021-35975 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 2%CPEs: 8EXPL: 1CVE-2013-2220 – Debian Security Advisory 2726-1
https://notcve.org/view.php?id=CVE-2013-2220
02 Jul 2013 — Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value. Desbordamiento de búfer en la función radius_get_vendor_attr en la extensión Radius anterior a 1.2.7 para PHP, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente la ejecución de código arbitraria a través de un valor alt... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714362 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2004-0849
https://notcve.org/view.php?id=CVE-2004-0849
17 Sep 2004 — Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests. Desbordamiento de enteros en la función asn_decode_string() definida en asn1.c en radiusd de GNU Radius 1.1 y 1.2 anteriores a 1.2.94, cuando se compila con la opción --enable-snmp, permite a atacantes remotos causar una denegación de servicio (caí... • http://lists.gnu.org/archive/html/info-gnu-radius/2004-09/msg00000.html •
CVSS: 9.8EPSS: 29%CPEs: 40EXPL: 0CVE-2001-1376
https://notcve.org/view.php?id=CVE-2001-1376
04 Mar 2002 — Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data. • http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html •
CVSS: 7.5EPSS: 10%CPEs: 40EXPL: 0CVE-2001-1377
https://notcve.org/view.php?id=CVE-2001-1377
04 Mar 2002 — Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-1999-0244
https://notcve.org/view.php?id=CVE-1999-0244
01 Dec 1997 — Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244 •