Lucene search
+L

166 matches found

Cvelist
Cvelist
added 2017/07/29 2:0 p.m.19 views

CVE-2017-11737

interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...

6AI score0.00673EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2016/09/27 12:0 a.m.78 views

SUSE SLES11 Security Update : openssh (SUSE-SU-2016:2388-1)

This update for OpenSSH fixes the following issues : - Prevent user enumeration through the timing of password processing. bsc989363, CVE-2016-6210 - Allow lowering the DH groups parameter limit in server as well as when GSSAPI key exchange is used. bsc948902 - Sanitize input for xauth1. bsc97063...

9.8CVSS6.8AI score0.88944EPSS
Exploits30References21
OSV
OSV
added 2016/09/26 3:11 p.m.24 views

SUSE-SU-2016:2388-1 Security update for openssh

This update for OpenSSH fixes the following issues: - Prevent user enumeration through the timing of password processing. bsc989363, CVE-2016-6210 - Allow lowering the DH groups parameter limit in server as well as when GSSAPI key exchange is used. bsc948902 - Sanitize input for xauth1. bsc970632...

9.8CVSS6.7AI score0.88944EPSS
Exploits30References16
Packet Storm
Packet Storm
added 2014/09/29 12:0 a.m.47 views

WordPress Users Ultra 1.3.37 SQL Injection

Title : Wordpress Users Ultra Plugin - SQL injection Vulnerability Risk : High+/Critical Author : XroGuE Google Dork : inurl: wp-content/plugins/users-ultra/ Plugin Version : 1.3.37 Plugin Name : users ultra Plugin Download Link : https://downloads.wordpress.org/plugin/users-ultra.zip Vendor Home...

0.4AI score
Exploits0
Hacker One
Hacker One
added 2014/09/21 6:53 a.m.52 views

Mail.ru: touch.mail.ru XSS via message id

воспроизводится в IE11 уязвимы элементы принимающие значение id письма. к примеру https://touch.mail.ru/cgi-bin/msglistreadmsg/14112810510000000915"...

0.4AI score
Exploits0
myhack58
myhack58
added 2012/11/13 12:0 a.m.34 views

dedecms5. 7 latest sql injection exploit guestbook. php-vulnerability warning-the black bar safety net

Impact version 5. 7 Vulnerability file edit. inc. php specific code: ExecuteNoneQuery" DELETE FROM @guestbook WHERE id='$id' "; ShowMsg"successfully deleted a message!", $GUESTBOOKPOS; exit; else if$job=='check' && $gisadmin $dsql-ExecuteNoneQuery" UPDATE @guestbook SET ischeck=1 WHERE id='$id' "...

0.7AI score
Exploits0
myhack58
myhack58
added 2007/10/06 12:0 a.m.25 views

Magic magiclink-vulnerability warning-the black bar safety net

Magic control MagicLink1. 4 remote control software Version 1.4 update 1. Using a more complex encryption algorithm, the encrypted message information. 2. You can set the Message ID to make the connection more secure,1.4the previous Server version, the message identity is set toCMJSPY2INFO 1....

6.8AI score
Exploits0
securityvulns
securityvulns
added 2007/06/01 12:0 a.m.75 views

Mozilla Foundation Security Advisory 2007-15

Title: Security Vulnerability in APOP Authentication Impact: Moderate Announced: May 30, 2007 Reporter: Gatan Leurent Products: Thunderbird, SeaMonkey Fixed in: Thunderbird 1.5.0.12 Thunderbird 2.0.0.4 SeaMonkey 1.0.9 SeaMonkey 1.1.2 Description Gatan Leurent informed us of a weakness in APOP...

2.6CVSS1.2AI score0.02423EPSS
Exploits1
securityvulns
securityvulns
added 2006/02/06 12:0 a.m.92 views

SECURITY.NNOV: The Bat! 2.x message headers spoofing

Title: The Bat! 2.x message headers spoofing Author: 3APA3A [email protected] Homepage: http://www.security.nnov.ru/ Advisory URL: http://www.security.nnov.ru/advisories/thebatspoof.asp Vendor: RitLabs Vendor's page http://thebat.net/ Application: The Bat 2.x 2.12.04 tested Not vulnerable:...

0.6AI score
Exploits0
NVD
NVD
added 2005/05/02 4:0 a.m.21 views

CVE-2005-0127

Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine...

5CVSS6.4AI score0.0271EPSS
Exploits0References5
CERT
CERT
added 2005/01/31 12:0 a.m.35 views

Apple Mac OS X vulnerable to information disclosure in "Message-ID" header

Overview The Mail application supplied with Apple's Mac OS X operating system identifies the system from which any electronic mail is sent. Description Mac OS X includes the Mail application for handling electronic mail. This application does include the Media Access Control MAC address of a...

5CVSS6.3AI score0.0271EPSS
Exploits0References2
CVE
CVE
added 2005/01/29 5:0 a.m.84 views

CVE-2005-0127

CVE-2005-0127 affects Mac OS X 10.3.7 Mail: the Message-ID header includes a GUUID that reveals the MAC address of the sending machine, enabling remote attackers to correlate mail with a specific system. Impact is system identification via email; exploitation details are not provided in the conne...

5CVSS6.4AI score0.0271EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2005/01/29 5:0 a.m.28 views

CVE-2005-0127

Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine...

6.3AI score0.0271EPSS
Exploits0References5
NVD
NVD
added 2004/12/31 5:0 a.m.19 views

CVE-2004-2677

Format string vulnerability in qwik-smtpd.c in QwikMail SMTP qwik-smtpd 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the 1 clientRcptTo array, and the 2 Received and 3 messageID variables, possibly involving HELO and hostname arguments...

7.5CVSS7.8AI score0.06436EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.22 views

Mandrake Linux Security Advisory : leafnode (MDKSA-2003:005)

A vulnerability was discovered by Jan Knutar in leafnode that Mark Brown pointed out could be used in a Denial of Service attack. This vulnerability causes leafnode to go into an infinite loop with 100% CPU use when an article that has been crossposed to several groups, one of which is the prefix...

5CVSS5.5AI score0.02333EPSS
Exploits0References2
securityvulns
securityvulns
added 2002/12/31 12:0 a.m.22 views

Leafnode CPU exhaustion

If message is crossposted to few groups where one is prefix for another and then requested by message id programs goes into infinite loop...

1.9AI score
Exploits0References1Affected Software1
FreeBSD
FreeBSD
added 2002/11/06 12:0 a.m.21 views

leafnode denial-of-service triggered by article request

The leafnode NNTP server may go into an unterminated loop with 100% CPU use when an article is requested by Message-ID that has been crossposted to several news groups when one of the group names is the prefix of another group name that the article was cross-posted to. Found by Jan Knutar...

5CVSS6.5AI score0.02333EPSS
Exploits0References3
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.16 views

CVE-2001-1174

Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header...

7.9AI score0.04226EPSS
Exploits0References4
NVD
NVD
added 2002/04/01 5:0 a.m.12 views

CVE-2001-1174

Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header...

7.5CVSS7.9AI score0.04226EPSS
Exploits0References4
CVE
CVE
added 2000/10/13 4:0 a.m.57 views

CVE-2000-0472

CVE-2000-0472 describes a buffer overflow in INN (innd) 2.2.2 that allows a remote attacker to execute arbitrary commands via a cancel request containing a long message ID. Documents indicate the impact is remote code execution and that remediation is to upgrade to version 2.2.3 or disable the ve...

3.6CVSS7.8AI score0.03721EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder