Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-30	CVE-2021-36370	Improper Authentication vulnerability in Midnight-Commander Midnight Commander An issue was discovered in Midnight Commander through 4.8.26. network low complexity midnight-commander CWE-287	5.0
2012-10-10	CVE-2012-4463	Improper Input Validation vulnerability in Midnight-Commander Midnight Commander 4.8.5 Midnight Commander (mc) 4.8.5 does not properly handle the (1) MC_EXT_SELECTED or (2) MC_EXT_ONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name. network high complexity midnight-commander CWE-20	5.1
2005-05-02	CVE-2005-0763	Unspecified vulnerability in Midnight Commander Midnight Commander Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code. local low complexity midnight-commander	4.6
2005-04-14	CVE-2004-1174	direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1093	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1092	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1091	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1090	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1009	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2004-08-18	CVE-2004-0232	Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. network low complexity midnight-commander sgi gentoo slackware	5.0