Lucene search
K

330 matches found

Fedora
Fedora
added 2024/12/26 1:20 a.m.15 views

[SECURITY] Fedora 41 Update: sympa-6.2.74-1.fc41

Sympa is scalable and highly customizable mailing list manager. It can cope with big lists 200,000 subscribers and comes with a complete user and admin Web interface. It is internationalized, and supports the us, fr, de, es, it, fi, and chinese locales. A scripting language allows you to extend t...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/12/26 12:0 a.m.14 views

Fedora 41 : sympa (2024-88ad2bee84)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-88ad2bee84 advisory. - Update to 6.2.74, fix for CVE-2024-55919 - Full changelog: https://github.com/sympa-community/sympa/releases/tag/6.2.74 Tenable has extracted the preceding...

5.5AI score
Exploits0References2
Fedora
Fedora
added 2024/12/25 1:38 a.m.12 views

[SECURITY] Fedora 40 Update: sympa-6.2.74-1.fc40

Sympa is scalable and highly customizable mailing list manager. It can cope with big lists 200,000 subscribers and comes with a complete user and admin Web interface. It is internationalized, and supports the us, fr, de, es, it, fi, and chinese locales. A scripting language allows you to extend t...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2024/12/25 12:0 a.m.9 views

Fedora: Security Advisory (FEDORA-2024-14c006b8bb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/12/25 12:0 a.m.10 views

Fedora 40 : sympa (2024-14c006b8bb)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-14c006b8bb advisory. - Update to 6.2.74, fix for CVE-2024-55919 - Full changelog: https://github.com/sympa-community/sympa/releases/tag/6.2.74 Tenable has extracted the preceding...

5.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/01 12:0 a.m.8 views

Mageia: Security Advisory (MGASA-2024-0052)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.4AI score0.00802EPSS
Exploits1References4
OSV
OSV
added 2024/02/29 5:41 p.m.6 views

MGASA-2024-0052 Updated sympa packages fix security vulnerabilities

Sympa 6.2.72 fixes many bugs, including the security one related in CVE-2021-32850 It is required to manually run sympa upgrade after get this update...

6.1CVSS6.2AI score0.00802EPSS
Exploits1References4
Mageia
Mageia
added 2024/02/29 5:41 p.m.32 views

Updated sympa packages fix security vulnerabilities

Sympa 6.2.72 fixes many bugs, including the security one related in CVE-2021-32850 It is required to manually run sympa upgrade after get this update...

6.1CVSS7.3AI score0.00802EPSS
Exploits1References3
Veracode
Veracode
added 2024/01/13 8:25 a.m.26 views

Cross Site Scripting(XSS)

sympa:sid is vulnerable to cross-site scripting. The vulnerability due to Inappropriate use of the cookie parameter is both a salt for stored passwords. It leads to XSS due to parameter may also not provide sufficient security...

7.5CVSS5.5AI score0.00369EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2023/12/31 5:15 a.m.17 views

CVE-2021-46900

Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...

7.5CVSS0.00369EPSS
Exploits0References3
OSV
OSV
added 2023/12/31 5:15 a.m.17 views

CVE-2021-46900

Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...

7.5CVSS6AI score
Exploits0References3
OSV
OSV
added 2023/12/31 5:15 a.m.3 views

DEBIAN-CVE-2021-46900

Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...

7.5CVSS7.2AI score0.00369EPSS
Exploits0References1
OSV
OSV
added 2023/12/31 5:15 a.m.1 views

UBUNTU-CVE-2021-46900

Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...

7.5CVSS7.1AI score0.00369EPSS
Exploits0References4
Prion
Prion
added 2023/12/31 5:15 a.m.16 views

Cross site scripting

Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...

5CVSS6.2AI score0.00369EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2023/12/31 5:15 a.m.34 views

CVE-2021-46900

Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...

7.5CVSS7.1AI score0.00369EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/31 12:0 a.m.3 views

Sympa Security Vulnerabilities

Sympa is an open source email management list software from the Sympa community. The software supports email management, authentication and access control. A security vulnerability exists in versions prior to Sympa 6.2.62, which stems from improper use of the cookie parameter, resulting in a...

7.5CVSS6.9AI score0.00369EPSS
Exploits0References4
CVE
CVE
added 2023/12/31 12:0 a.m.60 views

CVE-2021-46900

Sympa (open source mail list software) is affected by CVE-2021-46900 in versions before 6.2.62. The vulnerability arises from using a cookie parameter as both a salt for stored passwords and an XSS protection mechanism, without ensuring the parameter exists or has an unpredictable value. Reported...

7.5CVSS7.2AI score0.00369EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/12/31 12:0 a.m.30 views

CVE-2021-46900

Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...

7.4AI score0.00369EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2023/12/31 12:0 a.m.23 views

CVE-2021-46900

Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an XSS protection mechanism...

7.5CVSS7.4AI score0.00369EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.30 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Sympa vulnerabilities (USN-4442-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4442-2 advisory. USN-4442-1 fixed vulnerabilities in Sympa. This update provides the corresponding updates for Ubuntu 16.04 ESM, Ubuntu 18.04 ESM...

9.8CVSS7.6AI score0.03982EPSS
Exploits1References4
Rows per page
Query Builder