Lucene search
K

14 matches found

CNNVD
CNNVD
added 2026/03/19 12:0 a.m.5 views

Discourse 访问控制错误漏洞

Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email, and chat rooms. Versions of Discourse prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contained a access control vulnerability. This vulnerability stemm...

4.3CVSS5.8AI score0.00251EPSS
Exploits0References4
Malwarebytes
Malwarebytes
added 2025/10/22 3:49 p.m.9 views

Over 100 Chrome extensions break WhatsApp’s anti-spam rules

Recent research by Socket’s Threat Research Team uncovered a massive, coordinated campaign flooding the Chrome Web Store with 131 spamware extensions. These add-ons hijack WhatsApp Web—the browser version of WhatsApp—to automate bulk messages and skirt anti-spam controls. Spamware is software tha...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:52 a.m.4 views

CVE-2023-0816

The Formidable Forms WordPress plugin before 6.1 uses several potentially untrusted headers to determine the IP address of the client, leading to IP Address spoofing and bypass of anti-spam protections...

6.5CVSS7AI score0.00498EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/07/08 12:0 a.m.5 views

PT-2024-37431 · WordPress · Unlimited Elements For Elementor

Name of the Vulnerable Software and Affected Versions: The Unlimited Elements For Elementor plugin for WordPress versions up to, and including, 1.5.112 Description: The issue is related to IP Address Spoofing due to insufficient IP address validation and/or use of user-supplied HTTP headers as a...

5.3CVSS7.1AI score0.00249EPSS
Exploits0References9
Malwarebytes
Malwarebytes
added 2024/03/05 5:27 p.m.25 views

Check your DNS! Abandoned domains used to bypass spam checks

Researchers at Guardio Labs have discovered that a group of spammers is using long-forgotten subdomains from established brands like MSN, eBay, CBS, and Marvel to send out malicious emails. The emails can bypass spam checks and to recipients they look like they come from a legitimate source. A...

7.3AI score
Exploits0
OSV
OSV
added 2023/03/27 4:15 p.m.4 views

CVE-2023-0816

The Formidable Forms WordPress plugin before 6.1 uses several potentially untrusted headers to determine the IP address of the client, leading to IP Address spoofing and bypass of anti-spam protections...

6.5CVSS6.9AI score0.00498EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2023/03/27 12:0 a.m.7 views

PT-2023-16545 · WordPress · Formidable Forms

Name of the Vulnerable Software and Affected Versions: Formidable Forms WordPress plugin versions prior to 6.1 Description: The issue allows IP Address spoofing and bypass of anti-spam protections by using several potentially untrusted headers to determine the client's IP address. Recommendations...

6.5CVSS9.6AI score0.00498EPSS
Exploits2References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.4 views

SUSE CVE-2005-3351

SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients "To" addresses, which triggers a bus error in Perl...

5CVSS6.9AI score0.07259EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/06/20 12:0 a.m.3 views

WordPress plugin WP-EMail 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. WordPress plugin WP-EMail version 2.69.0 has a security vulnerability that stems from obtaining a...

7.5CVSS5.7AI score0.01105EPSS
Exploits2References2
OSV
OSV
added 2019/01/30 3:29 p.m.3 views

CVE-2018-15136

TitanHQ SpamTitan before 7.01 has Improper input validation. This allows internal attackers to bypass the anti-spam filter to send malicious emails to an entire organization by modifying the URL requests sent to the application...

5.3CVSS5.8AI score0.00957EPSS
Exploits1References1
OSV
OSV
added 2016/06/23 12:59 a.m.3 views

CVE-2016-1438

Cisco AsyncOS 9.7.0-125 on Email Security Appliance ESA devices allows remote attackers to bypass intended spam filtering via crafted executable content in a ZIP archive, aka Bug ID CSCuy39210...

7.5CVSS5.8AI score0.01219EPSS
Exploits0References2
CNVD
CNVD
added 2016/06/23 12:0 a.m.2 views

Cisco Email Security Appliance AsyncOS Security Bypass Vulnerability

Cisco AsyncOS on Email Security Appliance ESA is a set of operating systems running in the Email Security Appliance ESA from Cisco USA. A security bypass vulnerability exists in Cisco AsyncOS version 9.7.0-125 on Cisco ESA appliances. A remote attacker could exploit this vulnerability to bypass...

7.5CVSS6.9AI score0.01219EPSS
Exploits0References1
OSV
OSV
added 2014/01/21 1:55 a.m.10 views

CVE-2010-5293

wp-includes/comment.php in WordPress before 3.0.2 does not properly whitelist trackbacks and pingbacks in the blogroll, which allows remote attackers to bypass intended spam restrictions via a crafted URL, as demonstrated by a URL that triggers a substring match...

6.4AI score
Exploits0References6
NVD
NVD
added 2002/12/31 5:0 a.m.16 views

CVE-2002-1790

The SMTP service in Microsoft Internet Information Services IIS 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682...

5CVSS6.5AI score0.33967EPSS
Exploits1References3
Rows per page
Query Builder