CVE-2026-9304

A security flaw has been discovered in calcom cal.diy up to 4.9.4. The affected element is the function validateUrlForSSRF of the file apps/web/app/api/logo/route.ts of the component Logo API. The manipulation results in server-side request forgery. It is possible to launch the attack remotely...

Malicious code in validate-address (npm)

The package validate-address was found to contain malicious code...

MAL-2025-38049 Malicious code in validate-address (npm)

The package validate-address was found to contain malicious code...

CVE-2023-53019 net: mdio: validate parameter addr in mdiobus_get_phy()

In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobusgetphy The caller may pass any value as addr, what may result in an out-of-bounds access to array mdiomap. One existing case is stmmacinitphy that may pass -1 as addr. Therefore valida...

PT-2021-3390 · Phpmailer +3 · Phpmailer +3

Name of the Vulnerable Software and Affected Versions: PHPMailer versions 6.4.1 and earlier Description: The issue is related to the validateAddress function in PHPMailer, which can lead to the execution of untrusted code if such code is injected into the host project's scope by other means. This...

DEBIAN-CVE-2015-8476

Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an 1 email address to the validateAddress function in class.phpmailer.php or 2 SMTP command to the sendCommand function in class.smtp.php, a different...