CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7729-1 advisory. Damian Poddebniak, Christian Dresen, Jens Mller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jrg Schwenk...

6.5CVSS6.3AI score0.00447EPSS

Exploits3References5

OSV•added 2025/09/02 7:13 p.m.•0 views

USN-7731-1 kmail vulnerabilities

Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that KMail could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Under certain configurations, ...

6.5CVSS7.2AI score0.00447EPSS

Exploits2References3

OSV•added 2024/10/28 12:15 a.m.•0 views

UBUNTU-CVE-2024-50624

ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com or http://example.com/.well-known/autoconfig for retrieving the configuration. This is...

5.9CVSS5.8AI score0.00041EPSS

Exploits0References8

SUSE CVE•added 2023/02/15 3:38 a.m.•1 views

SUSE CVE-2021-38373

In KDE KMail 19.12.3 aka 5.13.3, the SMTP STARTTLS option is not honored and cleartext messages are sent unless "Server requires authentication" is checked...

5.3CVSS5.4AI score0.00161EPSS

Exploits0References3

CNNVD•added 2021/08/10 12:0 a.m.•3 views

KDE KMail 安全漏洞

KDE KMail is an email component in Kontact a personal information management suite for the KDE community. A security vulnerability exists in KDE KMail 19.12.3 a.k.a. 5.13.3. There is no information about this vulnerability at this time, so please stay tuned to CNNVD or the vendor's announcement...

5.3CVSS5.7AI score0.00161EPSS

Exploits0References3

CNVD•added 2020/04/20 12:0 a.m.•8 views

Unspecified Vulnerability in KDE KMail (CNVD-2021-31481)

KDE KMail is an e-mail component of Kontact personal information management suite from the KDE community. A security vulnerability exists in KDE KMail versions prior to 19.12.3. An attacker could use this vulnerability to cause KMail to append a local file to a written email message without...

6.5CVSS6.2AI score0.00269EPSS

Exploits0References1

CNVD•added 2019/04/09 12:0 a.m.•3 views

Unspecified Vulnerability in KDE KMail

KDE KMail is an e-mail component of Kontact personal information management suite from the KDE community. A security vulnerability exists in KDE KMail version 5.2.3. An attacker can exploit the vulnerability to disclose information in plaintext form...

4.3CVSS6.5AI score0.00139EPSS

Exploits1References1

OSV•added 2017/08/28 8:14 a.m.•2 views

MGASA-2017-0315 Updated kmail(kdepimlibs4) packages fix security vulnerability and bugs

The kdepimlibs4, kdepim4, kdepim4-runtime, and akonadi packages have been updated to include the latest bug fixes from upstream. This includes a fix for an issue where the Send Later function in kmail would cause an e-mail that had been designated to be sent encrypted would be sent in plain text...

7.1AI score

Exploits0References4

UbuntuCve•added 2016/12/23 10:59 p.m.•18 views

CVE-2016-7967

KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URLs was enabled...

8.1CVSS7.2AI score0.00302EPSS

Exploits0References3

Debian CVE•added 2016/12/23 10:0 p.m.•27 views

CVE-2016-7967

8.1CVSS8.1AI score0.00302EPSS

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•10 views

KMail 1.x GnuPG Arbitrary Content Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22759/info KMail is prone to a vulnerability that may allow an attacker to add arbitrary content into a message without the end user knowing. An attacker may be able to exploit this issue to add arbitrary content into a...

7.1AI score

Exploits0

Exploit DB•added 2005/04/11 12:0 a.m.•54 views

KDE KMail 1.7.1 - HTML EMail Remote Email Content Spoofing

source: https://www.securityfocus.com/bid/13085/info A remote email message content spoofing vulnerability affects KDE KMail. This issue is due to a failure of the application to properly sanitize HTML email messages. An attacker may leverage this issue to spoof email content and various header...

7.2CVSS6.5AI score0.00061EPSS

Exploits3