High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-26	CVE-2009-3721	Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. local low complexity gnome ytnef-project	7.8
2021-03-04	CVE-2021-3404	Out-of-bounds Write vulnerability in multiple products In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file. local low complexity ytnef-project redhat fedoraproject CWE-787	7.8
2021-03-04	CVE-2021-3403	Double Free vulnerability in multiple products In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file. local low complexity ytnef-project redhat fedoraproject CWE-415	7.8
2017-05-22	CVE-2017-9146	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ytnef Project Ytnef The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file. network low complexity ytnef-project CWE-119	8.8
2017-03-10	CVE-2017-6802	Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. network low complexity ytnef-project debian CWE-125	7.5
2017-03-10	CVE-2017-6801	Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. network low complexity ytnef-project debian CWE-125	7.5
2017-03-10	CVE-2017-6800	Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. network low complexity ytnef-project debian CWE-125	7.5
2017-02-24	CVE-2017-6306	Path Traversal vulnerability in multiple products An issue was discovered in ytnef before 1.9.1. local low complexity ytnef-project debian CWE-22	7.8
2017-02-24	CVE-2017-6305	Out-of-bounds Write vulnerability in multiple products An issue was discovered in ytnef before 1.9.1. local low complexity ytnef-project debian CWE-787	7.8
2017-02-24	CVE-2017-6304	Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.1. local low complexity ytnef-project debian CWE-125	7.8