341 matches found
Design/Logic Flaw
Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2023-49243
Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2023-49243
CVE-2023-49243 describes a vulnerability in the Huawei HarmonyOS email module that allows unauthorized access to email attachments, potentially affecting service confidentiality. Multiple connected sources confirm the issue stems from an email-attachment handling weakness across Huawei HarmonyOS/...
PT-2023-31130 · Unknown · Email Module
Name of the Vulnerable Software and Affected Versions: Email module affected versions not specified Description: The issue concerns unauthorized access to email attachments within the email module, potentially affecting service confidentiality. Recommendations: At the moment, there is no...
Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from an email attachment override vulnerability in the email module. Successful exploitation...
NewStart CGSL MAIN 6.06 : PyYAML Multiple Vulnerabilities (NS-SA-2023-0139)
The remote NewStart CGSL host, running version MAIN 6.06, has PyYAML packages installed that are affected by multiple vulnerabilities: - In PyYAML before 5.1, the yaml.load API could execute arbitrary code if used with untrusted data. The load function has been deprecated in version 5.1 and the...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability previously existed in SAMSUNG Mobile devices version 6.1.90.4, which stemmed from an improper authorization validation...
SUSE SLES15: libpython2_7-1_0 / libpython2_7-1_0-32bit / python / python-32bit / etc (SUSE-SU-2023:4220-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4220-1 advisory. - CVE-2022-48566: Fixed a potential timing side channel due to inadequate checking during HMAC comparison bsc1214691. Tenable has...
Oracle Linux 7 : python3 (ELSA-2020-1132)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1132 advisory. - Security fix for CVE-2019-16056 Resolves: rhbz1750774 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Linux 8 : python27:2.7 (ELSA-2020-1605)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1605 advisory. - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect...
The vulnerability of the email module in the Python programming language interpreter allows attackers to bypass the security measures.
The vulnerability of the email module in the Python programming language interpreter is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to bypass security measures remotely...
Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2023-252)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-252 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks ...
Python <= 2.7.18, 3.x <= 3.12.3 Security Bypass Vulnerability - Linux
Python is prone to a security bypass vulnerability in the e-mail module. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
SUSE CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
ALPINE-CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
UBUNTU-CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
Authentication flaw
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...