Lucene search
K

8 matches found

Veracode
Veracode
added 2026/02/02 7:13 a.m.6 views

Email Address Parsing Vulnerability

next-auth is vulnerable to email address parsing vulnerability. The vulnerability is due to an incorrect address parsing behavior in Nodemailer, which allows an attacker to craft a malicious email input that redirects authentication or verification emails to an attacker-controlled mailbox instead...

5.6AI score
Exploits0
EUVD
EUVD
added 2025/11/14 9:30 p.m.4 views

EUVD-2025-197647

A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. This causes the application to misdirect the emai...

7.5CVSS6AI score0.00509EPSS
Exploits0References6
Amazon
Amazon
added 2024/12/12 12:0 a.m.3 views

Medium: python3.11

Issue Overview: The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which...

8.7CVSS6.9AI score0.02527EPSS
Exploits1
OSV
OSV
added 2024/02/09 6:50 a.m.3 views

SUSE-SU-2024:0438-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2023-27043: Fixed incorrectly parses e-mail addresses which contain a special character bsc1210638...

5.3CVSS5.7AI score0.02527EPSS
Exploits1References3
Microsoft CVE
Microsoft CVE
added 2020/10/25 7:0 a.m.2 views

Clam AntiVirus (ClamAV) Software Email Parsing Vulnerability

...

7.5CVSS7AI score0.03135EPSS
Exploits1
OpenVAS
OpenVAS
added 2019/09/17 12:0 a.m.108 views

Debian: Security Advisory (DLA-1924-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.05366EPSS
Exploits0References3
OSV
OSV
added 2018/10/10 1:29 p.m.1 views

CVE-2018-8265

A remote code execution vulnerability exists in the way Microsoft Exchange software parses specially crafted email messages, aka "Microsoft Exchange Remote Code Execution Vulnerability." This affects Microsoft Exchange Server...

7.8CVSS6.4AI score0.19629EPSS
Exploits0References3
Debian
Debian
added 2003/03/04 11:54 a.m.14 views

[SECURITY] [DSA-257-1] sendmail remote exploit

------------------------------------------------------------------------ Debian Security Advisory DSA-257-1 [email protected] http://www.debian.org/security/ Wichert Akkerman March 4, 2003 - ------------------------------------------------------------------------ Package : sendmail Problem type...

7.6AI score
Exploits0
Rows per page
Query Builder