MidnightBSD

Advisories for ethz

CVE-2016-4980 LOW

A password generation weakness exists in xquest through 2016-06-13.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.5 LOW CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N 1.0 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-330,

Products Affected

Vendor Product Version
redhat enterprise_linux 7.0
fedoraproject fedora 23
redhat enterprise_linux 6.0
ethz xquest *
CVE-2020-24364 MEDIUM

MineTime through 1.8.5 allows arbitrary command execution via the notes field in a meeting. Could lead to RCE via meeting invite.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
ethz minetime *
CVE-2022-36220

Kiosk breakout (without quit password) in Safe Exam Browser (Windows) <3.4.0, which allows an attacker to achieve code execution via the browsers' print dialog.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
ethz safe_exam_browser *