CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

115 matches found

IceWarp Mail Server v10.4.5 - Cross-Site Scripting

IceWarp Mail Server v10.4.5 was discovered to contain a reflected cross-site scripting XSS vulnerability via the color parameter. id: CVE-2023-39700 info: name: IceWarp Mail Server v10.4.5 - Cross-Site Scripting author: r3Y3r53 severity: medium description: | IceWarp Mail Server v10.4.5 was...

6.1CVSS5.8AI score0.01376EPSS

Exploits1References4

RedhatCVE•added 2026/01/09 12:29 p.m.•2 views

CVE-2023-40779

An issue in IceWarp Mail Server Deep Castle 2 v.13.0.1.2 allows a remote attacker to execute arbitrary code via a crafted request to the URL...

6.1CVSS7.9AI score0.01355EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2008-0230

Malware in sbrugna...

4.3CVSS6.4AI score0.02967EPSS

Exploits1References6

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-4381

Malware in sbrugna...

4.8CVSS5.1AI score0.00784EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-19206

Malware in sbrugna...

6.1CVSS6.3AI score0.00962EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2011-3543

Malware in sbrugna...

5CVSS6.2AI score0.0161EPSS

Exploits2References9

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-43399

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01162EPSS

Exploits1References3

RedhatCVE•added 2025/05/23 4:11 a.m.•7 views

CVE-2023-39700

IceWarp Mail Server v10.4.5 was discovered to contain a reflected cross-site scripting XSS vulnerability via the color parameter...

6.1CVSS6.1AI score0.01376EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:25 a.m.•3 views

CVE-2019-12593

IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal...

7.5CVSS6.6AI score0.40965EPSS

Exploits5References1

CNVD•added 2025/05/22 12:0 a.m.•4 views

IceWarp Mail Server Input Validation Error Vulnerability

IceWarp Mail Server is a mail server product from the Czech company IceWarp IceWarp. The product supports email archiving, SmartAttach attachments, automatic migration and more. An input validation error vulnerability exists in IceWarp Mail Server, which can be exploited to cause users to be...

6.1CVSS7.1AI score0.00425EPSS

Exploits0References1

CNVD•added 2025/05/22 12:0 a.m.•3 views

IceWarp Mail Server Cross-Site Scripting Vulnerability

IceWarp Mail Server is a mail server product from the Czech company IceWarp IceWarp. The product supports email archiving, SmartAttach attachments, automatic migration and more. A cross-site scripting vulnerability exists in IceWarp Mail Server, which stems from the application's lack of effectiv...

6.1CVSS6.6AI score0.00183EPSS

Exploits0References1

RedhatCVE•added 2025/05/18 12:9 p.m.•16 views

CVE-2025-40632

Cross-site scripting XSS in Icewarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to modify the “lastLogin” cookie with malicious JavaScript code that will be executed when the page is rendered...

2CVSS6.3AI score0.00183EPSS

Exploits0References3

RedhatCVE•added 2025/05/18 12:9 p.m.•15 views

CVE-2025-40631

HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. By modifying the Host header and adding a payload, arbitrary JavaScript code can be executed on page load. The user must interact with a malicious link to be redirected...

2CVSS7.6AI score0.00183EPSS

Exploits0References3

RedhatCVE•added 2025/05/18 12:9 p.m.•18 views

CVE-2025-40630

Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to redirect a user to any domain by sending a malicious URL to the victim, for example “ https://icewarp.domain.com///%2e%2e” https://icewarp.domain.com///%2e%2e” . This...

5.1CVSS7.1AI score0.00425EPSS

Exploits0References3