Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-31865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the allowed filename extensions of uploaded attachments...

5.3CVSS6.2AI score0.01134EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/11/19 12:0 a.m.6 views

Roundcube Webmail 跨站脚本漏洞

Roundcube Webmail is an open source browser-based IMAP client that supports address book management, message searching, spell checking, and more. Roundcube Webmail suffers from a cross-site scripting vulnerability that originates from XSS when the program handles file extensions of attachments.Th...

6.1CVSS6.8AI score0.01047EPSS
Exploits0References13
BDU FSTEC
BDU FSTEC
added 2021/10/29 12:0 a.m.7 views

The vulnerability in the Redmine project and task management web application, related to improper authorization, allows a perpetrator to compromise data integrity.

The vulnerability in the Redmine project and task management web application relates to the bypassing of allowed file extension restrictions for uploaded attachments. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the data...

5.3CVSS5.9AI score0.01134EPSS
Exploits0References8Affected Software3
RedHat Linux
RedHat Linux
added 2020/11/04 1:27 a.m.5 views

mailman: XSS via file attachments in list archives

GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type, and a web browser may perform MIME sniffing,...

6.1CVSS6.8AI score0.02288EPSS
Exploits0References4
Rows per page
Query Builder