Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Sylpheed Security Vulnerabilities

cve
cve

CVE-2021-37746

textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a...

6.1CVSS

6.1AI Score

0.001EPSS

2021-07-30 03:15 PM
62
4
cve
cve

CVE-2017-17517

libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted...

8.8CVSS

8.4AI Score

0.002EPSS

2017-12-14 04:29 PM
22
cve
cve

CVE-2007-2958

Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted...

7.2AI Score

0.024EPSS

2007-08-27 05:17 PM
21
cve
cve

CVE-2007-1267

Sylpheed 2.2.7 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Sylpheed from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...

6.6AI Score

0.027EPSS

2007-03-06 08:19 PM
22
cve
cve

CVE-2006-2920

Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space...

6.8AI Score

0.206EPSS

2006-06-09 01:02 AM
24
cve
cve

CVE-2005-3354

Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long...

7.3AI Score

0.002EPSS

2005-11-20 09:03 PM
26
cve
cve

CVE-2005-0926

Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attachments with MIME-encoded file...

8.1AI Score

0.004EPSS

2005-05-02 04:00 AM
20
cve
cve

CVE-2005-0667

Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the...

7.6AI Score

0.055EPSS

2005-03-07 05:00 AM
26
cve
cve

CVE-2003-0852

Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service (crash) in sylpheed via format strings in an error...

7.4AI Score

0.004EPSS

2003-11-17 05:00 AM
27