Lucene search
+L

80 matches found

OSV
OSV
added 2022/04/01 11:15 p.m.4 views

UBUNTU-CVE-2022-0741

Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an attacker to steal environment variables via specially crafted email addresses...

7.5CVSS5.8AI score0.01419EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/02/17 12:0 a.m.5 views

CVE-2022-20653

A vulnerability in the DNS-based Authentication of Named Entities DANE email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability...

7.5CVSS7.3AI score0.01833EPSS
Exploits0References2
OSV
OSV
added 2021/11/04 4:15 p.m.4 views

CVE-2021-34741

A vulnerability in the email scanning algorithm of Cisco AsyncOS software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to perform a denial of service DoS attack against an affected device. This vulnerability is due to insufficient input validation of...

7.5CVSS5.8AI score0.01248EPSS
Exploits0References1
Veracode
Veracode
added 2021/06/19 8:16 p.m.6 views

Cross-site Scripting (XSS)

otrs2:sid is vulnerable to cross-site scripting. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user intraction...

7.5CVSS6AI score0.01216EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2020/11/05 11:15 a.m.18 views

CVE-2020-7761

This affects the package @absolunet/kafe before 3.2.10. It allows cause a denial of service when validating crafted invalid emails...

5.3CVSS5.2AI score0.01555EPSS
Exploits0References2
Snyk
Snyk
added 2020/10/15 8:5 a.m.6 views

Regular Expression Denial of Service (ReDoS)

Overview djvalidator is a DjValidator is the jquery plugin for validating web forms, simpler, faster to use and flexible, it does not depend on any UI framework. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS by sending crafted invalid emails - for...

7.5CVSS6.7AI score0.01732EPSS
Exploits1References2
OSV
OSV
added 2020/01/15 7:15 p.m.2 views

DEBIAN-CVE-2019-15961

A vulnerability in the email parsing module Clam AntiVirus ClamAV Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in...

6.5CVSS7.4AI score0.03135EPSS
Exploits1References1
OSV
OSV
added 2019/11/25 12:0 a.m.1 views

UBUNTU-CVE-2019-15961

A vulnerability in the email parsing module Clam AntiVirus ClamAV Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in...

7.5CVSS7AI score0.03135EPSS
Exploits1References5
CNVD
CNVD
added 2019/11/22 12:0 a.m.5 views

Microsoft Outlook for Android Spoofing Vulnerability

Microsoft Outlook for Android is an email application for the Android-based platform from Microsoft USA. A spoofing vulnerability exists in the way Microsoft Outlook for Android parses specially crafted emails. An attacker could exploit this vulnerability by sending a specially crafted email to a...

4.6CVSS6AI score0.01445EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/21 12:0 a.m.35 views

Microsoft Outlook Elevation of Privilege Vulnerability (CNVD-2019-40535)

Microsoft Outlook is a personal information management system software with features such as sending and receiving e-mail, calendars and more. An elevation of privilege vulnerability exists in Microsoft Outlook, which arises from a failure to adequately validate the format of incoming emails as...

4.3CVSS6.7AI score0.04423EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/08/13 12:0 a.m.9 views

PT-2019-2996 · Microsoft · Outlook Ios

Name of the Vulnerable Software and Affected Versions: Microsoft Outlook iOS affected versions not specified Description: The issue exists due to insufficient input validation in the Microsoft Outlook iOS software. This allows a remote attacker to perform cross-site scripting attacks, potentially...

5.4CVSS5.7AI score0.03879EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/07/25 12:0 a.m.34 views

SUSE SLED12 / SLES12 Security Update : spamassassin (SUSE-SU-2019:1961-1)

This update for spamassassin to version 3.4.2 fixes the following issues : Security issues fixed : CVE-2017-15705: Fixed denial of service via unclosed tags in crafted emails bsc1108745. CVE-2018-11781: Fixed a code injection in the meta rule syntax by local users bsc1108748. CVE-2018-11780: Fixe...

9.8CVSS7.3AI score0.1082EPSS
Exploits0References12
OSV
OSV
added 2019/07/06 2:15 a.m.5 views

CVE-2019-1933

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper input validation of certain email fields. An attacker cou...

7.4CVSS7AI score0.0124EPSS
Exploits0References1
OSV
OSV
added 2019/07/02 8:31 a.m.9 views

SUSE-SU-2019:1266-2 Security update for evolution

This update for evolution fixes the following issues: Security issue fixed: - CVE-2018-15587: Fixed an issue with spoofed pgp signatures by using specially crafted emails bsc1125230...

6.5CVSS6.7AI score0.02443EPSS
Exploits1References3
CNVD
CNVD
added 2019/06/28 12:0 a.m.6 views

Microsoft Outlook for Android Spoofing Vulnerability

Microsoft Outlook for Android is an email application for the Android-based platform from Microsoft USA. A security vulnerability exists in Microsoft Outlook for Android. An attacker can exploit this vulnerability by sending a specially crafted email message to perform a cross-site scripting atta...

5.4CVSS6.1AI score0.01817EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2019/06/20 7:39 p.m.1 views

Important Flaw in Outlook App for Android Affects Over 100 Millions Users

Update 22 June 2019 — More technical details and proof-of-concept for the OutLook for Android vulnerability has been released that we have covered in a separate article here. Microsoft today released an updated version of its "Outlook for Android" that patches an important security vulnerability ...

5.4CVSS6.3AI score0.01817EPSS
Exploits0
CNVD
CNVD
added 2019/06/14 12:0 a.m.2 views

Mozilla Thunderbird heap buffer overflow vulnerability (CNVD-2019-19317)

Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP, POP mail protocols and HTML mail format. A buffer overflow vulnerability exists in the icalvalue.c file in Mozilla Thunderbird...

9.8CVSS9.1AI score0.10527EPSS
Exploits4References1
BDU FSTEC
BDU FSTEC
added 2019/04/17 12:0 a.m.8 views

The vulnerability of the Outlook Web Access email server component of the Microsoft Exchange Server allows a attacker to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Outlook Web Access OWA component of the Microsoft Exchange Server email server is related to errors in processing web requests. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of protected information through speciall...

5.8CVSS5.9AI score0.0229EPSS
Exploits0References2Affected Software1
ThreatPost
ThreatPost
added 2018/10/24 4:32 p.m.560 views

sLoad Banking Trojan Downloader Displays Sophisticated Recon and Targeting

A new PowerShell downloader dubbed sLoad is making the rounds, sporting impressive reconnaissance tactics and a penchant for geofencing, which indicate increasing sophistication when it comes to targeting efforts. First spotted in May 2018, sLoad typically delivers the Ramnit banking trojan but h...

0.3AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/10/11 9:34 p.m.5 views

spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service

A flaw was found in the way SpamAssassin processes HTML email containing unclosed HTML tags. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a large number of these messages are sent, a denial of service could occur potentially delaying or preventing...

5.3CVSS5.8AI score0.07879EPSS
Exploits0References5
Rows per page
Query Builder