EUVD-2023-46196

Malicious code in bioql PyPI...

CVE-2023-41704

Processing of CID references at E-Mail can be abused to inject malicious script code that passes the sanitization engine. Malicious script code could be injected to a users sessions when interacting with E-Mails. Please deploy the provided updates and patch releases. CID handing has been improved...

PT-2024-12962 · Open Xchange Gmbh +1 · Ox App Suite +2

Name of the Vulnerable Software and Affected Versions: No specific software name or affected versions are mentioned in the provided descriptions. Description: The issue concerns the processing of CID references in E-Mail, which can be exploited to inject malicious script code that bypasses the...

SUSE CVE-2017-17848

An issue was discovered in Enigmail before 1.9.9. In a variant of CVE-2017-17847, signature spoofing is possible for multipart/related messages because a signed message part can be referenced with a cid: URI but not actually displayed. In other words, the entire containing message appears to be...

DEBIAN-CVE-2017-17848

An issue was discovered in Enigmail before 1.9.9. In a variant of CVE-2017-17847, signature spoofing is possible for multipart/related messages because a signed message part can be referenced with a cid: URI but not actually displayed. In other words, the entire containing message appears to be...

Enigmail signature spoofing vulnerability (CNVD-2018-00136)

Enigmail is a data encryption and decryption extension for Mozilla Thunderbird and SeaMonkey web packages that provides OpenPGP's email public key encryption and signing capabilities. A signature spoofing vulnerability exists in multipart/related messages in versions of Enigmail prior to 1.9.9. T...