EUVD-2014-4862

Malware in sbrugna...

EUVD-2012-0822

Malware in sbrugna...

EUVD-2010-4743

Malware in sbrugna...

EUVD-2019-3747

Malware in sbrugna...

EUVD-2022-52239

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-8035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting XSS vulnerability via an SVG image...

Linux Distros Unpatched Vulnerability : CVE-2017-7414

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In HordeCrypt before 2.7.6, as used in Horde Groupware Webmail Edition 5.x through 5.2.17, OS Command Injection can occur if the user has PGP features enabled i...

Linux Distros Unpatched Vulnerability : CVE-2019-12095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to th...

Linux Distros Unpatched Vulnerability : CVE-2013-6365

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions CVE-2013-6365 Note that Nessus relies on the presence of the package as reported by...

Linux Distros Unpatched Vulnerability : CVE-2022-26874

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/Horde/Mime/Viewer/Ooo.php in Horde MimeViewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail...

Linux Distros Unpatched Vulnerability : CVE-2020-8865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is...

CVE-2019-9858

Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the HordeFormTypeimage method onSubmit is called on uploads, it invokes the functions getImage and getUpload, which uses...

CVE-2010-4778

Multiple cross-site scripting XSS vulnerabilities in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allow remote attackers to inject arbitrary web script or HTML via the 1 username aka fmusername, 2 password aka fmpassword, or 3 server aka fmserver...

SUSE CVE-2007-6018

IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to 1 delete arbitrary e-mail messages via a modified numeric ID or 2 "purge" deleted emails via a crafted email message...

SUSE CVE-2008-3650

Multiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 final have unknown impact and attack vectors related to "unescaped output," possibly cross-site scripting XSS, in the 1 object browser and 2 contact view...

SUSE CVE-2008-7219

Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not valida...

SUSE CVE-2008-7218

Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 befo...

SUSE CVE-2010-3693

Cross-site scripting XSS vulnerability in Horde Dynamic IMP DIMP before 1.1.5, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via vectors related to displaying mailbox names...

SUSE CVE-2010-3695

Cross-site scripting XSS vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via the fmid parameter in a fetchmailprefssave action, related to the Fetchmail configuration...

SUSE CVE-2010-4778

Multiple cross-site scripting XSS vulnerabilities in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allow remote attackers to inject arbitrary web script or HTML via the 1 username aka fmusername, 2 password aka fmpassword, or 3 server aka fmserver...