Vulnerabilities > Netatalk > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-16 | CVE-2024-38439 | Out-of-bounds Write vulnerability in Netatalk Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[PASSWDLEN] to '\0' in FPLoginExt in login in etc/uams/uams_pam.c. | 9.8 |
| 2023-09-20 | CVE-2023-42464 | Type Confusion vulnerability in multiple products A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. | 9.8 |
| 2023-03-29 | CVE-2022-43634 | Heap-based Buffer Overflow vulnerability in Netatalk 3.1.13 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. | 9.8 |
| 2023-03-28 | CVE-2022-0194 | Out-of-bounds Write vulnerability in multiple products This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. | 9.8 |
| 2023-03-28 | CVE-2022-23121 | Improper Handling of Exceptional Conditions vulnerability in multiple products This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. | 9.8 |
| 2023-03-28 | CVE-2022-23122 | Out-of-bounds Write vulnerability in multiple products This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. | 9.8 |
| 2023-03-28 | CVE-2022-23123 | Out-of-bounds Read vulnerability in multiple products This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. | 9.8 |
| 2023-03-28 | CVE-2022-23124 | Out-of-bounds Read vulnerability in multiple products This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. | 9.8 |
| 2023-03-28 | CVE-2022-23125 | Out-of-bounds Write vulnerability in multiple products This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. | 9.8 |
| 2022-03-25 | CVE-2022-22995 | Link Following vulnerability in multiple products The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. | 9.8 |