PT-2026-45046

The current upstream main branch at commit 7e0206d was reviewed, and the fix-first patch set was rebased on 2026-05-18. The patches cover: validated and bound inactive-agent hour filtering; storage SQL identifier validation; metadata-backed ownership checks for raw storage SQL; blocking direct...

[SECURITY] Fedora 43 Update: nginx-1.30.1-1.fc43

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

CVE-1999-0250

Denial of service in Qmail through long SMTP commands...

Inadequate Encryption Strength

Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...

OESA-2025-2090 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

WiFi-password-stealer - Simple Windows And Linux Keystroke Injection Tool That Exfiltrates Stored WiFi Data (SSID And Password)

Have you ever watched a film where a hacker would plug-in, seemingly ordinary, USB drive into a victim's computer and steal data from it? - A proper wet dream for some. Disclaimer : All content in this project is intended for security research purpose only. Introduction During the summer of 2022,...

LiquidFiles Security Vulnerability

Liquidfiles is a storage service for large-scale secure file transfer and sharing for companies and organizations from US-based Liquidfiles, Inc. A security vulnerability exists in LiquidFiles version 3.7.13 and prior versions that stems from the presence of HTML and SMTP injection issues...

SUSE CVE-2023-5422

The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for static SSL or TLS based communication. As the SSLgetverifyresult function is not used the certificated is trusted always and it can not be ensured that the certificate satisfies all necessary securit...

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S) IMAP(S) POP3(S) and LDAP(S) (openldap only).

...

FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure

Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors. To that end, the Cybersecuri...

OpenSMTPD Vulnerability

The CERT Coordination Center CERT/CC has released information on a vulnerability affecting OpenSMTPD. An attacker could exploit this vulnerability to take control of an affected system. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol SMTP that is part o...

Phorpiex Botnet Shifts Gears From Ransomware to Sextortion

A recent wide-scale campaign indicates that a decade-old botnet is shifting gears from distributing ransomware to delivering millions of sextortion threats to innocent recipients. Worse, researchers say that the botnet’s spam campaign can affect up to 27 million potential victims. The botnet,...

Synametrics SynaMan Information Disclosure Vulnerability

Synametrics SynaMan is a remote file manager from Synametrics Technologies, USA. An information disclosure vulnerability exists in Synametrics SynaMan version 4.0 build 1488, which stems from the program storing passwords for smtp email accounts in plaintext, which can be exploited by an attacker...

Microsoft Windows SMTP Server DNS spoofing vulnerability

The Microsoft Windows Simple Mail Transfer Protocol SMTP Server is prone to a DNS spoofing vulnerability. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks. OpenVAS Vulnerability Test...

Microsoft Exchange and Windows SMTP Service Denial of Service Vulnerability (981832)

This host is missing a critical security update according to Microsoft Bulletin MS10-024. OpenVAS Vulnerability Test $Id: secpodms10-024.nasl 5361 2017-02-20 11:57:13Z cfi $ Microsoft Exchange and Windows SMTP Service Denial of Service Vulnerability 981832 Authors: Veerendra G Copyright: Copyrigh...

Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability

The Microsoft Windows Simple Mail Transfer Protocol SMTP Server is prone to a denial-of-service vulnerability and to an information disclosure vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability

The Microsoft Windows Simple Mail Transfer Protocol SMTP Server is prone to a denial-of-service vulnerability and to to an information-disclosure vulnerability. Successful exploits of the denial-of-service vulnerability will cause the affected SMTP server to stop responding, denying service to...

The TCP port of the role, the vulnerabilities and the operation of the detailed analysis-vulnerability warning-the black bar safety net

TCP port: the role,vulnerability,and operation in detail analysis In the Internet, we often see the“port”of the word, also frequently used port numbers, such as in the FTP address behind the increase of“21”, and 21 indicates the port number. Then the port in the end what does that mean? How do I...