Lucene search
K

70 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-29132

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.0046EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 7:25 p.m.5 views

CVE-2021-25347

Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed...

5.3CVSS6.8AI score0.00114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:50 p.m.7 views

CVE-2021-43270

Datalust Seq.App.EmailPlus aka seq-app-htmlemail 3.1.0-dev-00148, 3.1.0-dev-00170, and 3.1.0-dev-00176 can use cleartext SMTP on port 25 in some cases where encryption on port 465 was intended...

7.5CVSS7AI score0.00368EPSS
Exploits0
NVD
NVD
added 2022/08/04 6:15 p.m.26 views

CVE-2022-31119

Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions of Nextcloud mail would log user passwords to disk in the event of a misconfiguration. Should an attacker gain access to the logs complete access to affected accounts would be obtainable. It is...

4.9CVSS0.00621EPSS
Exploits0References3
CVE
CVE
added 2022/08/04 5:15 p.m.79 views

CVE-2022-31119

CVE-2022-31119 affects Nextcloud Mail: affected versions log user passwords to disk upon misconfiguration, enabling potential complete account access if log files are compromised. RedHat/Red Hat-affiliated advisories and Nextcloud security notes confirm the issue and recommend upgrading Nextcloud...

4.9CVSS4.7AI score0.00621EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/08/04 5:15 p.m.25 views

CVE-2022-31119 Password disclosure in log file in Nextcloud Mail App

Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions of Nextcloud mail would log user passwords to disk in the event of a misconfiguration. Should an attacker gain access to the logs complete access to affected accounts would be obtainable. It is...

3.1CVSS5.1AI score0.00621EPSS
Exploits0References5
NVD
NVD
added 2022/08/04 5:15 p.m.36 views

CVE-2022-31132

Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path ./vendor/cerdic/css-tidy/cssoptimiser.php. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery SSRF. It is recommendet t...

9.8CVSS0.00604EPSS
Exploits0References1
CVE
CVE
added 2022/08/04 5:10 p.m.93 views

CVE-2022-31132

The CVE-2022-31132 issue affects Nextcloud Mail where versions shipped with the CSS minifier at ./vendor/cerdic/css-tidy/css_optimiser.php expose an unrestricted interface, enabling unauthenticated SSRF. Affected software is Nextcloud Mail; impact is described as Server-Side Request Forgery with ...

9.8CVSS9.2AI score0.00604EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2021/04/30 12:0 a.m.5 views

Samsung Email Information Disclosure Vulnerability (CNVD-2021-39551)

Samsung Email application is a cell phone application from Samsung South Korea. It provides the function of sending and receiving e-mail. An information disclosure vulnerability exists in versions prior to Samsung Email 6.1.41.0, which can be exploited by a remote attacker to obtain attachments t...

6.5CVSS6.3AI score0.012EPSS
Exploits0References1
CNVD
CNVD
added 2021/03/11 12:0 a.m.5 views

Samsung Email application authorization issue vulnerability

Samsung Email application is a cell phone application from Samsung South Korea. It provides the function of sending and receiving e-mail. A security vulnerability exists in the Samsung Email application version, which can be exploited by an attacker to intercept the provider at the time of...

5.3CVSS6.9AI score0.00114EPSS
Exploits0References1
NVD
NVD
added 2020/09/14 7:15 p.m.19 views

CVE-2019-14756

An issue was discovered in KaiOS 1.0, 2.5, and 2.5.12.5. The pre-installed Email application is vulnerable to HTML and JavaScript injection attacks. An attacker can send a specially crafted email to the victim that will inject HTML into the email application's UI as soon as the email is opened. A...

6.1CVSS0.00798EPSS
Exploits1References1
Prion
Prion
added 2020/09/14 7:15 p.m.15 views

Input validation

An issue was discovered in KaiOS 1.0, 2.5, and 2.5.12.5. The pre-installed Email application is vulnerable to HTML and JavaScript injection attacks. An attacker can send a specially crafted email to the victim that will inject HTML into the email application's UI as soon as the email is opened. A...

4.3CVSS6.3AI score0.00798EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/09/14 6:32 p.m.20 views

CVE-2019-14756

An issue was discovered in KaiOS 1.0, 2.5, and 2.5.12.5. The pre-installed Email application is vulnerable to HTML and JavaScript injection attacks. An attacker can send a specially crafted email to the victim that will inject HTML into the email application's UI as soon as the email is opened. A...

6.4AI score0.00798EPSS
Exploits1References1
CVE
CVE
added 2020/09/14 6:32 p.m.41 views

CVE-2019-14756

KaiOS Email app (pre-installed) on KaiOS 1.0, 2.5 and 2.5.12.5 is vulnerable to HTML/JavaScript injection via specially crafted emails. When such an email is opened, HTML can be injected into the Email UI, potentially allowing UI control (e.g., prompting for credentials) and abuse of app privileg...

6.1CVSS6.4AI score0.00798EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2020/04/28 4:15 a.m.3 views

CVE-2020-5564

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the application 'E-mail'...

6.1CVSS6.3AI score0.00781EPSS
Exploits0References2
CNVD
CNVD
added 2020/04/28 12:0 a.m.3 views

Cybozu Garoon License Issue Vulnerability (CNVD-2020-26659)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. An authorization issue vulnerability exists in Cybozu Garoon versions 4.0.0 to 4.10.3. A remote attacker can...

4.3CVSS6.9AI score0.01058EPSS
Exploits0References1
OSV
OSV
added 2020/04/07 4:15 p.m.2 views

CVE-2017-18653

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. The Email application allows attackers to send emails on behalf of any user via a broadcasted intent. The Samsung ID is SVE-2017-9357 September 2017...

4.3CVSS5.8AI score0.00272EPSS
Exploits0References1
NVD
NVD
added 2020/04/07 4:15 p.m.18 views

CVE-2017-18653

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. The Email application allows attackers to send emails on behalf of any user via a broadcasted intent. The Samsung ID is SVE-2017-9357 September 2017...

4.3CVSS4.7AI score0.00272EPSS
Exploits0References1
CVE
CVE
added 2020/04/07 3:49 p.m.53 views

CVE-2017-18653

CVE-2017-18653 affects Samsung mobile devices running KK (4.4), L (5.0/5.1), M (6.0), and N (7.x). The Email application is vulnerable to an attack via a broadcasted intent that allows an attacker to send emails on behalf of any user. The issue is identified by Samsung as SVE-2017-9357 (Sept 2017...

4.3CVSS4.7AI score0.00272EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2019/07/18 12:0 a.m.2 views

Unspecified Vulnerability in Cybozu Garoon E-mail

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. An unspecified vulnerability exists in the E-mail application in Cybozu Garoon versions 4.0.0 through 4.10.2. No...

4.3CVSS6.9AI score0.01058EPSS
Exploits0References1
Rows per page
Query Builder