41 matches found
CVE-2026-29138
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user's PGP signature as their own...
CVE-2026-29131
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails encrypted for other users...
CVE-2026-29131
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails encrypted for other users...
CVE-2026-29138
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user's PGP signature as their own...
PT-2026-29699
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails encrypted for other users...
EUVD-2017-0075
Malware in sbrugna...
GitLab < 16.9.6 / 16.10 < 16.10.4 / 16.11 < 16.11.1 (CVE-2024-1347)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain...
Gitlab -- vulnerabilities
Gitlab reports: GitLab account takeover, under certain conditions, when using Bitbucket as an OAuth provider Path Traversal leads to DoS and Restricted File Read Unauthenticated ReDoS in FileFinder when using wildcard filters in project file search Personal Access Token scopes not honoured by...
Broadleaf vulnerable to Cross-site Scripting
Broadleaf 5.x and 6.x including 5.2.25-GA and 6.2.6-GA was discovered to contain a cross-site scripting XSS vulnerability via a customer signup with a crafted email address. This is fixed in 6.2.7-GA...
SUSE CVE-2013-4389
Multiple format string vulnerabilities in logsubscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15 allow remote attackers to cause a denial of service via a crafted e-mail address that is improperly handled during construction of a log message...
SUSE CVE-2014-7844
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address...
SUSE CVE-2016-10034
The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a " backslash double...
CVE-2017-15612
mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline such as in java\nscript: or a crafted email address, related to the escape and autolink functions...
GHSA-HPV5-V8G5-C864 Cross-site Scripting in Mistune
mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline such as in java\nscript: or a crafted email address, related to the escape and autolink functions...
Cross-site Scripting in Mistune
mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline such as in java\nscript: or a crafted email address, related to the escape and autolink functions...
GHSA-HGR8-G756-VMG9 Zeta Components Mail Arbitrary code execution via a crafted email address
The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly restrict the set of characters used in the ezcMail returnPath property, which might allow remote attackers to execute arbitrary code via a crafted email address, as demonstrated by one...
Zeta Components Mail Arbitrary code execution via a crafted email address
The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly restrict the set of characters used in the ezcMail returnPath property, which might allow remote attackers to execute arbitrary code via a crafted email address, as demonstrated by one...
CVE-2019-20519
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the user/ URI, as demonstrated by a crafted e-mail address...
DEBIAN-CVE-2014-7844
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address...
CVE-2014-7844
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address...