20 matches found
CVE-2026-35545
An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...
CVE-2026-2748 S/MIME Certificate Subject Whitespace
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...
EUVD-2018-16947
Malware in sbrugna...
EUVD-2014-8853
Malware in sbrugna...
EUVD-2015-0590
Malware in sbrugna...
EUVD-2008-7234
Malware in sbrugna...
EUVD-2016-1851
Malware in sbrugna...
EUVD-2009-5086
Malware in sbrugna...
EUVD-2016-7295
Malware in sbrugna...
EUVD-2025-10966
Malicious code in bioql PyPI...
CVE-2021-20022
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host...
HTML Injection
Umbraco Forms is vulnerable to HTML Injection. The vulnerability is due to lack of HTML encoding due to user-provided form values being directly embedded into emails without proper sanitization, enabling potential spoofing or bypass of email security systems...
CVE-2020-26082
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass content filters that are configured on an affected device. The vulnerability is due to improper handling of password-protected...
chat.village.com.ar XSS vulnerability
Vulnerable URL: http://chat.village.com.ar:8080/webchat/email/offline-mail.jsp?workgroup=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 10:32 GMT Vulnerability type:| XSS Vulnerability status:|...
Microsoft Outlook Express 4.x/5.x/6.0 - Plaintext Email Security Policy Bypass
source: https://www.securityfocus.com/bid/11447/info Microsoft Outlook Express is reported prone to a security policy bypass vulnerability. The vulnerability presents itself if an attached image file is referenced using a specially crafted CID URI. This will result in a policy bypass because the...
CVE-2004-0502
Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shel...
Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass
Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass source: https://www.securityfocus.com/bid/7044/info Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize...
Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass
source: https://www.securityfocus.com/bid/7044/info Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize the attachment as being an executable type. MailSweeper...
EUVD-2000-0215
Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list...
ms.outlook.spoof.txt
Date: Tue, 20 Apr 1999 15:10:05 -0700 From: Nate Lawson To: [email protected] Subject: Outlook 98 allows spoofing internal users Problem: Outlook uses a sender's Reply-To address silently, allowing a user to inadvertently send data to an Internet mail account when intending to reply to an...