Lucene search
K

1633 matches found

OpenVAS
OpenVAS
added 2021/03/31 12:0 a.m.8 views

Fedora: Security Advisory for exim (FEDORA-2021-4eaf89b133)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2021/03/30 12:17 a.m.17 views

[SECURITY] Fedora 34 Update: exim-4.94-7.fc34

Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...

1.5AI score
Exploits0
Fedora
Fedora
added 2021/01/30 1:42 a.m.96 views

[SECURITY] Fedora 32 Update: opensmtpd-6.8.0p2-1.fc32

OpenSMTPD is a FREE implementation of the server-side SMTP protocol as defi ned by RFC 5321, with some additional standard extensions. It allows ordinary machines to exchange e-mails with other systems speaking the SMTP protocol. Started out of dissatisfaction with other implementations, OpenSMTP...

7.5CVSS0.8AI score0.03578EPSS
Exploits0
Gitee
Gitee
added 2020/11/26 8:56 a.m.4 views

shadowbroker

This repository contains a collection of exploits and tools, including the "Lost In Translation" leak from the Shadow Brokers. The repository includes exploits for various vulnerabilities, such as RedHat 7.0-7.1 Sendmail 8.11.x, Solaris 6, 7, 8, 9 & 10, and Samba 3.0.x Linux. The exploits are...

7.8AI score
Exploits0
CNVD
CNVD
added 2020/11/19 12:0 a.m.4 views

Nodemailer Injection Vulnerability

Nodemailer is the Nodemailer team of a use can provide the ability to send e-mail JS code library . An injection vulnerability exists in versions of nodemailer prior to 6.4.16, which stems from the fact that the use of a carefully crafted recipient email address may result in arbitrary command fl...

9.8CVSS7.8AI score0.02316EPSS
Exploits1References1
Veracode
Veracode
added 2020/11/13 4:43 a.m.26 views

Command Injection

nodemailer is vulnerable to command injection. An attacker can inject malicious command flag via recipient email addresses in sendmail transport due to lack of validation for invalid email addresses...

9.8CVSS3.8AI score0.02316EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2020/11/12 6:15 p.m.21 views

CVE-2020-28247

The lettre library through 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs...

5.3CVSS5.6AI score0.01503EPSS
Exploits0References3
OSV
OSV
added 2020/11/12 6:15 p.m.12 views

CVE-2020-28247

The lettre library through 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs...

5.3CVSS5.7AI score
Exploits0References3
Prion
Prion
added 2020/11/12 6:15 p.m.15 views

Design/Logic Flaw

The lettre library through 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs...

5CVSS5.6AI score0.01503EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/11/12 6:3 p.m.25 views

CVE-2020-28247

The lettre library through 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs...

5.5AI score0.01503EPSS
Exploits0References3
NVD
NVD
added 2020/11/12 9:15 a.m.16 views

CVE-2020-7769

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails...

9.8CVSS9.6AI score0.02316EPSS
Exploits1References4
OSV
OSV
added 2020/11/12 9:15 a.m.1 views

DEBIAN-CVE-2020-7769

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails...

9.8CVSS8.8AI score0.02316EPSS
Exploits1References1
OSV
OSV
added 2020/11/12 9:15 a.m.16 views

CVE-2020-7769

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails...

9.8CVSS7.3AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2020/11/12 9:15 a.m.25 views

CVE-2020-7769

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails...

9.8CVSS7.3AI score0.02316EPSS
Exploits1References5
Prion
Prion
added 2020/11/12 9:15 a.m.15 views

Command injection

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails...

7.5CVSS9.7AI score0.02316EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/11/12 9:15 a.m.3 views

UBUNTU-CVE-2020-7769

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails...

9.8CVSS5.9AI score0.02316EPSS
Exploits1References6
Cvelist
Cvelist
added 2020/11/12 8:30 a.m.24 views

CVE-2020-7769 Command Injection

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails...

8.6CVSS9.8AI score0.02316EPSS
Exploits1References4
Snyk
Snyk
added 2020/11/11 1:17 p.m.3 views

Command Injection

Overview nodemailer is an Easy as cake e-mail sending from your Node.js applications Affected versions of this package are vulnerable to Command Injection. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails. PoC...

9.8CVSS7.5AI score0.02316EPSS
Exploits1References2
RustSec
RustSec
added 2020/11/11 12:0 p.m.20 views

Argument injection in sendmail transport

Affected versions of lettre allowed argument injection to the sendmail command. It was possible, using forged to addresses, to pass arbitrary arguments to the sendmail executable. Depending on the implementation original sendmail, postfix, exim, etc. it could be possible in some cases to write...

5.3CVSS3.6AI score0.01503EPSS
Exploits0Affected Software1
OSV
OSV
added 2020/11/11 12:0 p.m.29 views

RUSTSEC-2020-0069 Argument injection in sendmail transport

Affected versions of lettre allowed argument injection to the sendmail command. It was possible, using forged to addresses, to pass arbitrary arguments to the sendmail executable. Depending on the implementation original sendmail, postfix, exim, etc. it could be possible in some cases to write...

5.3CVSS5.3AI score0.01503EPSS
Exploits0References3
Rows per page
Query Builder