SUSE-SU-2026:2093-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. - CVE-2026-39817: cmd/go: 'go tool...

CVE-1999-0114

Local users can execute commands as other users, and read other users' files, through the filter command in the Elm elm-2.4 mail package using a symlink attack...

EUVD-2009-3994

Malware in sbrugna...

EUVD-2009-4082

Malware in sbrugna...

EUVD-1999-0114

Malware in sbrugna...

Arbitrary Argument Injection

Overview Affected versions of this package are vulnerable to Arbitrary Argument Injection via improper handling of the mail.Address value. An attacker can manipulate email routing or inject unauthorized SMTP parameters by supplying specially crafted email addresses. Note: This is only exploitable...

Malicious code in agyl-mail (npm)

The package agyl-mail was found to contain malicious code...

The vulnerability of the ParseAddressList function in the net/mail package in the Go programming language, which allows attackers to perform spoofing attacks.

The vulnerability of the ParseAddressList function in the net/mail package in the Go programming language is related to insufficient checking of the names displayed by this function. Exploitation of this vulnerability could allow a malicious actor to perform spear-phishing attacks by sending...

Malicious code in Mail (NuGet)

--- -= Per source details. Do not edit below this line.=-...

PT-2024-4460 · Go +9 · Netmail +9

Name of the Vulnerable Software and Affected Versions: net/mail package in Go affected versions not specified Description: The issue is related to the ParseAddressList function, which incorrectly handles comments within display names. This can lead to different trust decisions being made by...

SUSE CVE-2009-4023

Argument injection vulnerability in the sendmail implementation of the Mail::Send method Mail/sendmail.php in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111...

SUSE CVE-2009-4111

Argument injection vulnerability in Mail/sendmail.php in the Mail package 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows remote attackers to read and write arbitrary files via a crafted $recipients parameter, and possibly other parameters, a different vulnerability than CVE-2009-402...

Mageia: Security Advisory (MGASA-2014-0531)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the fly-admin-service-se component in the FLY operating system of Astra Linux allows a attacker to compromise data integrity, gain unauthorized access to protected information, and cause service failures.

The vulnerability of the fly-admin-service-se component in the FLY operating system’s working environment is related to an interpretation error in the DocumentRoot settings of the configuration files for Apache. Additionally, there is a lack of checks for installed mail packages. Exploiting this...

Zeta Components Mail 1.8.1 - Remote Code Execution

Zeta Components Mail 1.8.1 - Remote Code Execution Vendor: Zeta Components module: Mail, returnPath-email”; If attacker assign email address like: '[email protected] -X/var/www/html/cache/exploit.php' and inject payload in mail body, sendmail will transfer log-X into...

Zeta Components Mail 1.8.1 - Remote Code Execution

Vendor: Zeta Components module: Mail, returnPath-email”; If attacker assign email address like: '[email protected] -X/var/www/html/cache/exploit.php' and inject payload in mail body, sendmail will transfer log-X into /var/www/html/cache/exploit.php. The resulting file will contain t...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the sup-mail package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the yaws-mail package of the Debian GNU/Linux operating system can lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

Debian: Security Advisory (DSA-2805-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 10 Update: php-pear-Mail-1.1.14-5.fc10

PEAR's Mail package defines an interface for implementing mailers under the PEAR hierarchy. It also provides supporting functions useful to multiple mailer backends. Currently supported backends include: PHP's native mail function, sendmail, and SMTP. This package also provides a RFC822 email...