EUVD-2006-0981

Malware in sbrugna...

EUVD-2007-1509

Malware in sbrugna...

EUVD-2017-3347

Malware in sbrugna...

CVE-2017-11737

interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...

SUSE CVE-2007-1718

CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the 1 Subject or 2 To parameter, as demonstrat...

SUSE CVE-2010-4699

The iconvmimedecodeheaders function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring aka Multibyte String implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam...

SUSE CVE-2011-0633

The Net::HTTPS module in libwww-perl LWP before 6.00, as used in WWW::Mechanize, LWP::UserAgent, and other products, when running in environments that do not set the If-SSL-Cert-Subject header, does not enable full validation of SSL certificates by default, which allows remote attackers to spoof...

Roundcube Webmail <= 0.5.4 DoS Vulnerability

Roundcube Webmail is prone to a denial of service DoS vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Rspamd Cross-Site Scripting Vulnerability

Rspamd is a fast spam filtering system. The system evaluates and filters spam through regular expressions, statistical analysis and blacklists. A cross-site scripting vulnerability exists in the interface/js/app/history.js file of the WebUI in versions of Rspamd prior to 1.6.3. A remote attacker...

DEBIAN-CVE-2017-11737

interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...

UBUNTU-CVE-2017-11737

interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...

CVE-2014-7287

The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-mail message, as demonstrated by the outbound Subject heade...

Cisco IronPort ESA Subject Header Length Denial of Service Vulnerability

A vulnerability in Subject header length processing on Cisco IronPort Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a limited denial of service DoS condition on an affected platform. The vulnerability occurs because the appliance does not limit the length o...

CVE-2013-4698

Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own mailbox...

UBUNTU-CVE-2011-4078

include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service resource consumption and inbox outage, via a Subject header containing only a URL, a related issue to...

CVE-2011-4078

include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service resource consumption and inbox outage, via a Subject header containing only a URL, a related issue to...

CVE-2010-4699

The iconvmimedecodeheaders function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring aka Multibyte String implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam...

CVE-2010-4699

The iconvmimedecodeheaders function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring aka Multibyte String implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam...

Ipswitch IMail Server Mailing List Message Subject Buffer Overflow

The Ipswitch IMail Server is a mail server product geared towards medium to large size organizations. It contains implementations of POP3, IMAP4, and SMTP servers. The SMTP server module is installed and started in a default installation. A buffer overflow vulnerability has been reported in...

CVE-2007-1515

Multiple cross-site scripting XSS vulnerabilities in Horde IMP H3 4.1.3, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via 1 the email Subject header in thread.php, 2 the editquery parameter in search.php, or other unspecified parameters in search.php. NOTE:...