Vulnerabilities > Midnight Commander

DATE CVE VULNERABILITY TITLE RISK
2021-08-30 CVE-2021-36370 Improper Authentication vulnerability in Midnight-Commander Midnight Commander
An issue was discovered in Midnight Commander through 4.8.26.
network
low complexity
midnight-commander CWE-287
5.0
2012-10-10 CVE-2012-4463 Improper Input Validation vulnerability in Midnight-Commander Midnight Commander 4.8.5
Midnight Commander (mc) 4.8.5 does not properly handle the (1) MC_EXT_SELECTED or (2) MC_EXT_ONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name.
network
high complexity
midnight-commander CWE-20
5.1
2005-05-02 CVE-2005-0763 Unspecified vulnerability in Midnight Commander Midnight Commander
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
local
low complexity
midnight-commander
4.6
2005-04-14 CVE-2004-1004 Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. 7.5
2005-04-14 CVE-2004-1005 Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. 7.5
2005-04-14 CVE-2004-1009 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. 5.0
2005-04-14 CVE-2004-1090 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." 5.0
2005-04-14 CVE-2004-1091 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. 5.0
2005-04-14 CVE-2004-1092 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. 5.0
2005-04-14 CVE-2004-1093 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." 5.0