Vulnerabilities > Isync Project

DATE CVE VULNERABILITY TITLE RISK
2022-02-18 CVE-2021-3657 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in mbsync versions prior to 1.4.4.
network
low complexity
isync-project fedoraproject redhat debian CWE-119
critical
9.8
2022-02-16 CVE-2021-3578 Incorrect Type Conversion or Cast vulnerability in multiple products
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response.
local
low complexity
isync-project fedoraproject debian CWE-704
7.8
2021-11-22 CVE-2021-44143 Out-of-bounds Write vulnerability in multiple products
A flaw was found in mbsync in isync 1.4.0 through 1.4.3.
network
low complexity
isync-project debian fedoraproject CWE-787
critical
9.8