80 matches found
CVE-2026-6411
This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key within the application, the encrypted data can be decrypted,...
CVE-2026-29131
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails encrypted for other users...
CVE-2026-29142
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to forge a GINA-encrypted email...
SEPPmail Secure Email Gateway 安全漏洞
SEPPmail Secure Email Gateway is an email security gateway developed by the German company SEPPmail. Versions of SEPPmail Secure Email Gateway prior to version 15.0.3 contained security vulnerabilities. These vulnerabilities allowed attackers to read the encrypted email content of other users...
PT-2026-29699
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails encrypted for other users...
CVE-2026-27442
The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway...
EUVD-2026-9378
The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway...
CVE-2026-27442
The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway...
CVE-2026-27442
The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway...
CVE-2026-27442 zip_attachments Path Traversal
The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway...
CVE-2026-27442 zip_attachments Path Traversal
The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway...
PT-2026-22888
Name of the Vulnerable Software and Affected Versions SEPPmail Secure Email Gateway versions prior to 15.0.1 Description The GINA web interface does not properly validate attachment filenames within GINA-encrypted emails. This allows an attacker to potentially access files on the gateway. The iss...
Mageia: Security Advisory (MGASA-2026-0036)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2026-0036 Updated thunderbird packages fix security vulnerability
CSS-based exfiltration of the content from partially encrypted emails when allowing remote content. CVE-2026-0818...
Updated thunderbird packages fix security vulnerability
CSS-based exfiltration of the content from partially encrypted emails when allowing remote content. CVE-2026-0818...
openSUSE Security Advisory (SUSE-SU-2026:0388-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2026:0388-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0388-1 advisory. Update to Mozilla Thunderbird 140.7.1 MFSA 2026-08 bsc1257397: - CVE-2026-0818: CSS-based exfiltration of...
SUSE-SU-2026:0388-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.7.1 MFSA 2026-08 bsc1257397: - CVE-2026-0818: CSS-based exfiltration of the content from partially encrypted emails when allowing remote content...
CVE-2026-0818
When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were rendered in a context in which the CSS styles from the outer messages were active. If...
CVE-2026-0818
When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were rendered in a context in which the CSS styles from the outer messages were active. If...