Aggregates CVE and security vulnerability intelligence across all infodrom-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection and vendor risk buffer overflow, with potential vendor impact data exposure across vendor surface production workloads and vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-35067 | Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System allows Read Sensitive Strings Within an Executable. This issue affects E-Invoice Approval System: before v.20230701. | [email protected] | 7.5 | 0.08% | 2023-07-25 | 2026-05-22 |
| CVE-2023-35066 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infodrom Software E-Invoice Approval System allows SQL Injection. This issue affects E-Invoice Approval System: before v.20230701. | [email protected] | 9.8 | 0.07% | 2023-07-25 | 2026-05-22 |
| CVE-2001-0735 | Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file. | [email protected] | 7.2 | 0.46% | 2001-10-18 | 2026-04-16 |
| CVE-2001-0609 | Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function. | [email protected] | 9.8 | 9.91% | 2001-08-02 | 2026-04-16 |
| CVE-1999-0708 | Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. | [email protected] | 7.2 | 0.14% | 1999-09-21 | 2026-04-16 |
| CVE-1999-0813 | Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges. | [email protected] | 7.2 | 0.07% | 1999-08-10 | 2026-04-16 |
| CVE-1999-0259 | cfingerd lists all users on a system via search.**@target. | [email protected] | 5.0 | 0.61% | 1997-05-23 | 2026-04-16 |