Filtered by vendor Midnight-commander
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-36370 | 1 Midnight-commander | 1 Midnight Commander | 2021-09-08 | 7.5 High |
An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity. | ||||
CVE-2012-4463 | 1 Midnight-commander | 1 Midnight Commander | 2017-08-29 | N/A |
Midnight Commander (mc) 4.8.5 does not properly handle the (1) MC_EXT_SELECTED or (2) MC_EXT_ONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name. |
Page 1 of 1.