Lucene search
+L

137 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-52753

Malicious code in bioql PyPI...

4.9CVSS5.1AI score0.00643EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-52760

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00616EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-45922

Malicious code in bioql PyPI...

8.2CVSS6.3AI score0.00698EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2023-37367

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00529EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-52759

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00723EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-28009

Malicious code in bioql PyPI...

5CVSS5AI score0.00919EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/23 10:45 a.m.7 views

CVE-2024-52509

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients...

5.7CVSS6.7AI score0.00502EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.13 views

CVE-2023-33184

Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3...

5.3CVSS6.7AI score0.00529EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:17 a.m.7 views

CVE-2023-48307

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Starting in version 1.13.0 and prior to version 2.2.8 and 3.3.0, an attacker can use an unprotected endpoint in the Mail app to perform a SSRF attack. Nextcloud Mail app versions 2.2.8 and 3.3.0 contain a patch for...

9.8CVSS6.7AI score0.00866EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:19 a.m.4 views

CVE-2023-23943

Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is...

5CVSS6.5AI score0.00919EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:39 a.m.9 views

CVE-2023-23944

Nextcloud mail is an email app for the nextcloud home server platform. In versions prior to 2.2.2 user's passwords were stored in cleartext in the database during the duration of OAuth2 setup procedure. Any attacker or malicious user with access to the database would have access to these user...

6.5CVSS6.5AI score0.00475EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:2 a.m.15 views

CVE-2022-31131

Nextcloud mail is a Mail app for the Nextcloud home server product. Versions of Nextcloud mail prior to 1.12.2 were found to be missing user account ownership checks when performing tasks related to mail attachments. Attachments may have been exposed to incorrect system users. It is recommended...

5.4CVSS6.5AI score0.00723EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:17 p.m.11 views

CVE-2021-32707

Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails to not leak the read state. The privacy filter failed to filter images with a background-image CSS attribute. Note that the images were still passed...

4.3CVSS6.6AI score0.01146EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:45 p.m.9 views

CVE-2021-32652

Nextcloud Mail is a mail app for the Nextcloud platform. A missing permission check in Nextcloud Mail before 1.4.3 and 1.8.2 allows another authenticated users to access mail metadata of other users. Versions 1.4.3 and 1.8.2 contain patches for this vulnerability; no workarounds other than the...

8.8CVSS6.5AI score0.01107EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:46 p.m.6 views

CVE-2021-39220

Nextcloud is an open-source, self-hosted productivity platform The Nextcloud Mail application prior to versions 1.10.4 and 1.11.0 does by default not render images in emails to not leak the read state or user IP. The privacy filter failed to filter images with a relative protocol. It is recommend...

3.5CVSS6.7AI score0.00759EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:23 p.m.8 views

CVE-2022-31132

Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path ./vendor/cerdic/css-tidy/cssoptimiser.php. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery SSRF. It is recommendet t...

9.8CVSS6.8AI score0.00616EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:8 p.m.8 views

CVE-2024-52508

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like [email protected] that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would ...

8.2CVSS6.7AI score0.00698EPSS
Exploits0References1
Hacker One
Hacker One
added 2024/12/16 3:38 p.m.12 views

Nextcloud: [nextcloud/mail] Blind SSRF to Internal Network via "List-Unsubscribe" SMTP Header when allow_local_remote_servers is allowed

Vulnerability description not provided...

6.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/12/06 12:0 a.m.7 views

The vulnerability of NextCloud Mail’s email client, related to improper access control, allows attackers to disclose protected information.

The vulnerability of NextCloud Mail’s email client stems from insufficient access control. Exploiting this vulnerability allows a malicious actor to disclose protected information from a remote location...

4CVSS5.5AI score0.00502EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/06 12:0 a.m.7 views

The vulnerability of NextCloud Mail’s email client allows unauthorized individuals to disclose confidential information, enabling attackers to expose protected data.

The vulnerability of NextCloud Mail’s email client stems from improper automatic configuration. Exploiting this vulnerability allows a malicious actor to disclose protected information remotely...

8.2CVSS5.4AI score0.00698EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder