Lucene search
+L

330 matches found

Fedora
Fedora
added 2020/03/12 9:57 p.m.30 views

[SECURITY] Fedora 31 Update: sympa-6.2.54-1.fc31

Sympa is scalable and highly customizable mailing list manager. It can cope with big lists 200,000 subscribers and comes with a complete user and admin Web interface. It is internationalized, and supports the us, fr, de, es, it, fi, and chinese locales. A scripting language allows you to extend t...

7.5CVSS0.4AI score0.02915EPSS
Exploits0
CNVD
CNVD
added 2020/02/25 12:0 a.m.6 views

Sympa has an unspecified vulnerability

Sympa is an extensible and highly customizable mailing list software. The software provides multiple templates, custom authentication backends and authentication scripts, and support for various mailing list backends LDAP, SQL, text, list or others. A security vulnerability exists in Sympa versio...

7.5CVSS7.1AI score0.02915EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2020/02/25 12:0 a.m.47 views

Sympa 6.2.38 <= 6.2.52 DoS Vulnerability

Sympa is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sympa:sympa"; if...

7.5CVSS7.3AI score0.02915EPSS
Exploits0References2
NVD
NVD
added 2020/02/24 6:15 p.m.13 views

CVE-2020-9369

Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters...

7.5CVSS7.2AI score0.02915EPSS
Exploits0References6
OSV
OSV
added 2020/02/24 6:15 p.m.22 views

CVE-2020-9369

Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters...

7.5CVSS6.7AI score
Exploits0References6
OSV
OSV
added 2020/02/24 6:15 p.m.2 views

DEBIAN-CVE-2020-9369

Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters...

7.5CVSS6.9AI score0.02915EPSS
Exploits0References1
Prion
Prion
added 2020/02/24 6:15 p.m.14 views

Code injection

Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters...

5CVSS7.2AI score0.02915EPSS
Exploits0References6Affected Software3
UbuntuCve
UbuntuCve
added 2020/02/24 6:15 p.m.20 views

CVE-2020-9369

Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters...

7.5CVSS6.9AI score0.02915EPSS
Exploits0References3
OSV
OSV
added 2020/02/24 6:15 p.m.1 views

UBUNTU-CVE-2020-9369

Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters...

7.5CVSS6.9AI score0.02915EPSS
Exploits0References4
CVE
CVE
added 2020/02/24 5:25 p.m.85 views

CVE-2020-9369

Sympa (mailing list manager) is affected by CVE-2020-9369. The vulnerability exists in 6.2.38 through 6.2.52 and allows remote attackers to cause a denial of service by sending requests with malformed parameters, triggering disk consumption via temporary files and a flood of notifications to list...

7.5CVSS7AI score0.02915EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2020/02/24 5:25 p.m.24 views

CVE-2020-9369

Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters...

7.1AI score0.02915EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2020/02/24 5:25 p.m.44 views

CVE-2020-9369

Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters...

7.5CVSS6.7AI score0.02915EPSS
Exploits0
FreeBSD
FreeBSD
added 2020/02/24 12:0 a.m.24 views

sympa -- Denial of service caused by malformed CSRF token

Javier Moreno discovered a vulnerability in Sympa web interface that can cause denial of service DoS attack. By submitting requests with malformed parameters, this flaw allows to create junk files in Sympa's directory for temporary files. And particularly by tampering token to prevent CSRF, it...

7.5CVSS5.4AI score0.02915EPSS
Exploits0References1
OSV
OSV
added 2019/09/12 7:9 p.m.7 views

MGASA-2019-0263 Updated sympa packages fix security vulnerability

Updated sympa packages fix security vulnerability: Michael Kaczmarczik discovered a vulnerability in the web interface template editing function of Sympa, a mailing list manager. Owner and listmasters could use this flaw to create or modify arbitrary files in the server with privileges of sympa...

9.8CVSS9.5AI score0.02576EPSS
Exploits0References4
Mageia
Mageia
added 2019/09/12 7:9 p.m.34 views

Updated sympa packages fix security vulnerability

Updated sympa packages fix security vulnerability: Michael Kaczmarczik discovered a vulnerability in the web interface template editing function of Sympa, a mailing list manager. Owner and listmasters could use this flaw to create or modify arbitrary files in the server with privileges of sympa...

9.8CVSS2.9AI score0.02576EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/01/08 12:0 a.m.3 views

PT-2019-5774 · Debian · Sympa

Name of the Vulnerable Software and Affected Versions: Debian Sympa package versions prior to 6.2.40dfsg-7 Description: The issue is related to the debian/sympa.postinst component of the Sympa package, which sets incorrect permissions for the sympa newaliases-wrapper. This could allow a remote...

7.8CVSS5.8AI score0.02915EPSS
Exploits2References29
OSV
OSV
added 2018/09/21 12:0 a.m.23 views

DLA-1512-1 sympa - security update

Bulletin has no description...

6.1CVSS6.3AI score0.03982EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/09/21 12:0 a.m.28 views

Debian DLA-1512-1 : sympa security update

An Open Redirect vulnerability has been discovered in sympa. The 'referer' parameter of the wwsympa.fcgi login action can result in Open redirection and potential Cross Site Scripting via data URIs. This attack appear to be exploitable via Victim browser opening a crafted URL supplied by the...

6.1CVSS6.5AI score0.03982EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/09/20 12:0 a.m.34 views

Debian: Security Advisory (DLA-1512-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.6AI score0.03982EPSS
Exploits0References3
CNVD
CNVD
added 2018/09/10 12:0 a.m.6 views

Sympa Open Redirect Vulnerability

Sympa is an extensible and highly customizable mailing list software. The software provides multiple templates, custom authentication backends and authentication scripts, and support for various mailing list backends LDAP, SQL, text, list or others. An open redirect vulnerability exists in the...

6.1CVSS6.6AI score0.03982EPSS
Exploits0References1
Rows per page
Query Builder