1631 matches found
CVE-2026-22601 OpenProject is Vulnerable to Code Execution in E-Mail function
OpenProject is an open-source, web-based project management software. For OpenProject version 16.6.1 and below, a registered administrator can execute arbitrary command by configuring sendmail binary path and sending a test email. This issue has been patched in version 16.6.2...
PT-2026-2221
Name of the Vulnerable Software and Affected Versions OpenProject versions 16.6.1 and below Description OpenProject is a web-based project management software. A registered administrator can execute arbitrary commands by configuring the sendmail binary path and sending a test email. The issue...
OpenProject 命令注入漏洞
OpenProject is a Web-based project management software from OpenProject open source. A command injection vulnerability exists in OpenProject 16.6.1 and earlier versions that originates from a registered administrator being able to execute arbitrary commands by configuring the sendmail binary path...
CVE-2025-56425
An issue was discovered in the AppConnector component version 10.10.0.183 and earlier of enaio 10.10, in the AppConnector component version 11.0.0.183 and earlier of enaio 11.0, and in the AppConnctor component version 11.10.0.183 and earlier of enaio 11.10. The vulnerability allows authenticated...
CVE-2025-56425
An issue was discovered in the AppConnector component version 10.10.0.183 and earlier of enaio 10.10, in the AppConnector component version 11.0.0.183 and earlier of enaio 11.0, and in the AppConnctor component version 11.10.0.183 and earlier of enaio 11.10. The vulnerability allows authenticated...
CVE-2025-56425
An issue was discovered in the AppConnector component version 10.10.0.183 and earlier of enaio 10.10, in the AppConnector component version 11.0.0.183 and earlier of enaio 11.0, and in the AppConnctor component version 11.10.0.183 and earlier of enaio 11.10. The vulnerability allows authenticated...
CVE-2025-56425
An issue was discovered in the AppConnector component version 10.10.0.183 and earlier of enaio 10.10, in the AppConnector component version 11.0.0.183 and earlier of enaio 11.0, and in the AppConnctor component version 11.10.0.183 and earlier of enaio 11.10. The vulnerability allows authenticated...
CVE-2025-56425
An issue was discovered in the AppConnector component version 10.10.0.183 and earlier of enaio 10.10, in the AppConnector component version 11.0.0.183 and earlier of enaio 11.0, and in the AppConnctor component version 11.10.0.183 and earlier of enaio 11.10. The vulnerability allows authenticated...
PT-2026-1819
Name of the Vulnerable Software and Affected Versions enaio versions 10.10.0.183 and earlier enaio versions 11.0.0.183 and earlier enaio versions 11.10.0.183 and earlier Description The AppConnector component is susceptible to command injection. Authenticated remote attackers can inject arbitrary...
CVE-2025-56425
CVE-2025-56425 affects OPTIMAL SYSTEMS enaio AppConnector components (versions up to 10.10.0.183 for enaio 10.10, 11.0.0.183 for enaio 11.0, and 11.10.0.183 for enaio 11.10). The vulnerability allows authenticated remote attackers to inject arbitrary SMTP commands via crafted input to the /osrest...
CVE-1999-0205
Denial of service in Sendmail 8.6.11 and 8.6.12...
CVE-1999-0098
Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities...
CVE-1999-0661
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as 1 TCP Wrappers 7.6, 2 util-linux 2.9g, 3 wuarchive ftpd wuftpd 2.2 and 2.1f, 4 IRC client ircII ircII 2.2.9, 5 OpenSSH 3.4p1, or 6 Sendmail 8.12.6...
CVE-1999-0203
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program...
CVE-1999-0131
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users...
CVE-1999-0684
Denial of service in Sendmail 8.8.6 in HPUX...
CVE-1999-0145
Sendmail WIZ command enabled, allowing root access...
CVE-1999-0163
In older versions of Sendmail, an attacker could use a pipe character to execute root commands...
CVE-1999-0095
The debug command in Sendmail is enabled, allowing attackers to execute commands as root...
CVE-1999-0769
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable...