Lucene search
K

19 matches found

NVD
NVD
added 2026/03/04 9:15 a.m.7 views

CVE-2026-2748

SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...

7.8CVSS0.0012EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-12600

Malware in sbrugna...

4.9CVSS4.8AI score0.00912EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.1 views

EUVD-2018-16007

Malware in sbrugna...

7.5CVSS8.1AI score0.01265EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-18032

Malware in sbrugna...

4.3CVSS7.1AI score0.00313EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 a.m.5 views

CVE-2019-8642

An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted mail message may...

4.3CVSS5.9AI score0.00313EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/04/17 2:10 p.m.4 views

Thunderbird: Revocation status of S/Mime recipient certificates was not checked

The Mozilla Foundation Security Advisory describes this flaw as: OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug...

6.5CVSS7.3AI score0.00372EPSS
Exploits0References5
Mageia
Mageia
added 2023/04/15 7:3 p.m.52 views

Updated thunderbird packages fix security vulnerability

Fullscreen notification obscured. CVE-2023-29533 Double-free in libwebp. MFSA-TMP-2023-0001 Potential Memory Corruption following Garbage Collector compaction. CVE-2023-29535 Invalid free from JavaScript code. CVE-2023-29536 Revocation status of S/Mime recipient certificates was not checked...

8.8CVSS7.7AI score0.00901EPSS
Exploits0References3
NVD
NVD
added 2020/10/27 8:15 p.m.14 views

CVE-2019-8642

An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted mail message may...

4.3CVSS3AI score0.00313EPSS
Exploits0References1
OSV
OSV
added 2020/10/27 8:15 p.m.2 views

CVE-2019-8642

An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted mail message may...

3.3CVSS6.7AI score0.00313EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/10/07 12:0 a.m.7 views

The vulnerability of the CertificateResourceHandler function, which processes MIME certificates, allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the CertificateResourceHandler function, which processes MIME certificates, in Google Chrome browsers is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

7.5CVSS8.4AI score0.07855EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/08/20 11:15 p.m.4 views

CVE-2020-12619

MailMate before 1.11 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enabled the...

5.9CVSS6.2AI score0.00429EPSS
Exploits0References2
Prion
Prion
added 2020/08/20 11:15 p.m.12 views

Code injection

eM Client before 7.2.33412.0 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enable...

5.8CVSS4.8AI score0.00348EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/08/20 11:15 p.m.18 views

Code injection

MailMate before 1.11 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enabled the...

4.3CVSS5.4AI score0.00429EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/06/08 6:29 p.m.1 views

CVE-2018-4221

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Security" component. It allows web sites to track users by leveraging the transmission of S/MIME client certificates...

7.5CVSS5.8AI score0.01265EPSS
Exploits0References4
CNVD
CNVD
added 2018/06/04 12:0 a.m.4 views

Apple iOS and macOS High Sierra Security S-MIME Certificate Handling Vulnerability

Apple iOS and macOS High Sierra are products of Apple Inc. Apple iOS is an operating system for mobile devices; macOS High Sierra is a specialized operating system for Mac computers. security is an information security and privacy component. Security is an information security and privacy...

7.5CVSS7.5AI score0.01265EPSS
Exploits0References1
NVD
NVD
added 2013/09/11 2:3 p.m.19 views

CVE-2013-3870

Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."...

9.3CVSS7.5AI score0.18642EPSS
Exploits2References5
Prion
Prion
added 2013/09/11 2:3 p.m.19 views

Double free

Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."...

9.3CVSS8.1AI score0.18642EPSS
Exploits2References5Affected Software1
Cvelist
Cvelist
added 2013/09/11 10:0 a.m.27 views

CVE-2013-3870

Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."...

7.5AI score0.18642EPSS
Exploits2References5
CVE
CVE
added 2013/09/11 10:0 a.m.162 views

CVE-2013-3870

CVE-2013-3870 is a remote-code-execution vulnerability in Microsoft Outlook caused by a double-free in the S/MIME certificate parsing path. Affects Outlook 2007 SP3 and Outlook 2010 SP1/SP2 (Office/Outlook components). Exploitation could occur when processing specially crafted S/MIME email messag...

9.3CVSS7.6AI score0.18642EPSS
Exploits2References5Affected Software1
Rows per page
Query Builder