Lucene search
K

3542 matches found

Trellix
Trellix
added 2026/03/11 12:0 a.m.30 views

The Anatomy of HTML Attachment Phishing

The Anatomy of HTML Attachment Phishing: One Code, Many Variants By Niranjan Hegde and Sijo Jacob · June 14, 2023 This blog was also written by Mathanraj Thangaraju Introduction Phishing is the malevolent practise of pretending to be a reliable entity in electronic communication to steal sensitiv...

7.4AI score
Exploits0
ICS
ICS
added 2026/03/10 6:0 a.m.15 views

Apeman Cameras

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to take control of the device or view camera feeds. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

10CVSS4.2AI score0.006EPSS
Exploits0References13
Cvelist
Cvelist
added 2026/03/04 8:48 a.m.28 views

CVE-2026-2748 S/MIME Certificate Subject Whitespace

SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...

7.8CVSS0.0012EPSS
Exploits0References1
CVE
CVE
added 2026/03/04 8:47 a.m.15 views

CVE-2026-27444

SEPPmail Secure Email Gateway is affected prior to version 15.0.1 due to incorrect parsing of email addresses in headers, leading to an interpretation conflict with other mail infrastructure. This can enable an attacker to fake the email source or decrypt it. The known remediation is upgrading to...

7.8CVSS5.9AI score0.00213EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.13 views

PT-2026-20886

Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description The software contains a stored cross-site scripting issue in the Advanced Content Filtering rule creation workflow. A logged-in user can inject HTML or JavaScript code via the txtRuleNam...

5.4CVSS5.3AI score0.00173EPSS
Exploits0References7
Fedora
Fedora
added 2026/02/04 2:11 a.m.6 views

[SECURITY] Fedora 43 Update: rust-sequoia-octopus-librnp-1.11.1-4.fc43

Reimplementation of RNP's interface using Sequoia for use with Thunderbird...

5.3CVSS5.2AI score0.00297EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.6 views

CVE-2023-43766

Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for...

7.8CVSS7.3AI score0.00151EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.7 views

CVE-2023-43767

Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 1...

7.5CVSS7AI score0.00531EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:15 p.m.9 views

CVE-2018-1000154

Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper Neutralization of Script-Related HTML Tags in a Web Page CWE-80 vulnerability in the subject of emails which are not html quoted in certain cases. This can result in the embedding and execution of java script code on users browser...

6.1CVSS7.1AI score0.01598EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.7 views

PT-2026-1688

Name of the Vulnerable Software and Affected Versions affected versions not specified Description Attackers are leveraging artificial intelligence to customize malicious payloads in phishing campaigns, enabling them to circumvent security defenses. This issue is related to email security protocol...

6.7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/23 12:0 a.m.6 views

PT-2025-52760

Hackers Exploit List-Unsubscribe Header for XSS and SSRF Attacks The List-Unsubscribe SMTP header can be exploited for XSS and SSRF attacks if not properly validated. Examples include Horde Webmail CVE-2025-68673 allowing JavaScript URIs and Nextcloud Mail risking SSRF. Proper validation,...

6.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/22 12:0 a.m.7 views

Libraesva Email Security Gateway (ESG) Web UI Detection

Binary data libraesvaemailsecuritygatewaydetect.nbin...

7AI score
Exploits0References1
OSV
OSV
added 2025/12/18 8:15 p.m.3 views

CVE-2022-50684

An HTML injection vulnerability in Kentico Xperience allows attackers to inject malicious HTML values into form submission emails via unencoded form fields. Unencoded form values could enable HTML content execution in recipient email clients, potentially compromising email security...

6.1CVSS5.9AI score0.00165EPSS
Exploits0References2
CVE
CVE
added 2025/12/18 7:53 p.m.12 views

CVE-2022-50684

Summary of CVE-2022-50684 (Kentico Xperience HTML injection) An HTML injection vulnerability affects Kentico Xperience through unencoded form fields used in form submission emails. The underlying issue is lack of proper filtering/escaping of user-supplied data, allowing injected HTML content to b...

6.1CVSS6.8AI score0.00165EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.4 views

PT-2025-52306

Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A flaw exists in Kentico Xperience that permits the injection of malicious HTML into form submission emails. This occurs because form fields are not properly encoded, allowing...

6.1CVSS6.5AI score0.00165EPSS
Exploits0References5
Microsoft Secure
Microsoft Secure
added 2025/12/10 5:0 p.m.5 views

Clarity in complexity: New insights for transparent email security

As email threats grow more sophisticated and layered security architectures become more common, organizations need clear, data-driven insights to evaluate how their security solutions perform together. Benchmarking plays a critical role in helping security leaders understand not just individual...

6.6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/12/10 5:0 p.m.7 views

Clarity in complexity: New insights for transparent email security

As email threats grow more sophisticated and layered security architectures become more common, organizations need clear, data-driven insights to evaluate how their security solutions perform together. Benchmarking plays a critical role in helping security leaders understand not just individual...

6.6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/12/05 8:0 p.m.9 views

Microsoft named a leader in the 2025 Gartner® Magic Quadrant™ for Email Security

We’re honored to share that Microsoft has been named a Leader in the 2025 Gartner® Magic Quadrant™ for Email Security. We believe this recognition highlights the value of Microsoft Defender for Office 365’s innovative capabilities in addressing today’s complex email security challenges. Protect...

7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/12/05 8:0 p.m.16 views

Microsoft named a leader in the 2025 Gartner® Magic Quadrant™ for Email Security

We’re honored to share that Microsoft has been named a Leader in the 2025 Gartner® Magic Quadrant™ for Email Security. We believe this recognition highlights the value of Microsoft Defender for Office 365’s innovative capabilities in addressing today’s complex email security challenges. Protect...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/26 11:55 a.m.7 views

When Your $2M Security Detection Fails: Can your SOC Save You?

Enterprises today are expected to have at least 6-8 detection tools, as detection is considered a standard investment and the first line of defense. Yet security leaders struggle to justify dedicating resources further down the alert lifecycle to their superiors. As a result, most organizations'...

7.3AI score
Exploits0
Rows per page
Query Builder