Lucene search

24 matches found

ATTACKERKB
added 2026/05/22 7:29 p.m. · 5 views

CVE-2026-40597

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.28.1 and below, given any pre-existing XSS / HTML injection vulnerability, an attacker can bypass the Content Security Policy's script-src directive by uploading a crafted attachment to any issue that, when accessed via th...

CVSS 7.6 · AI score 5.8 · EPSS 0.00498
Exploits: 0 · References: 4 · Affected Software: 1

CNNVD
added 2026/05/22 12:00 a.m. · 6 views

Mantis Bug Tracker Security Feature Issue Vulnerability

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker prior to 2.28.1 contained a security vulnerability related to the script-src directive, which allowed bypassing content security policies by uploading specially crafted...

CVSS 7.6 · AI score 5.8 · EPSS 0.00498
Exploits: 0 · References: 3

EUVD
added 2026/04/21 5:18 p.m. · 6 views

EUVD-2026-24023

nbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment Filenames...

CVSS 6.5 · AI score 5.7 · EPSS 0.00266
Exploits: 0 · References: 3

NVD
added 2026/04/21 1:16 a.m. · 2 views

CVE-2026-39377

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file writes to locations outside the intended output directory when processing notebooks containing crafted cell attachment filenames. The...

CVSS 6.5 · EPSS 0.00266
Exploits: 0 · References: 2

NVD
added 2025/12/05 5:16 p.m. · 7 views

CVE-2025-66550

Nextcloud Calendar is a calendar app for Nextcloud. Prior to 4.7.17 and 5.2.4, when a malicious user creates a calendar event with a crafted attachment that links to a download link of a file on the same Nextcloud server, the file would be downloaded without the user confirming the action. This...

CVSS 5.7 · EPSS 0.00277
Exploits: 0 · References: 4

EUVD
added 2025/12/05 4:56 p.m. · 5 views

EUVD-2025-201443

Nextcloud Calendar is a calendar app for Nextcloud. Prior to 4.7.17 and 5.2.4, when a malicious user creates a calendar event with a crafted attachment that links to a download link of a file on the same Nextcloud server, the file would be downloaded without the user confirming the action. This...

CVSS 5.7 · AI score 6.1 · EPSS 0.00277
Exploits: 0 · References: 4

Vulnrichment
added 2025/12/05 4:56 p.m. · 3 views

CVE-2025-66550 Nextcloud Calendar attachments of local files are offered to downloaded

Nextcloud Calendar is a calendar app for Nextcloud. Prior to 4.7.17 and 5.2.4, when a malicious user creates a calendar event with a crafted attachment that links to a download link of a file on the same Nextcloud server, the file would be downloaded without the user confirming the action. This...

CVSS 5.7 · AI score 6.2 · EPSS 0.00277
Exploits: 0 · References: 4

CNNVD
added 2025/12/05 12:00 a.m. · 4 views

Nextcloud Calendar Security Vulnerability

Nextcloud Calendar is an open source calendar application from Nextcloud. A security vulnerability exists in Nextcloud Calendar versions prior to 4.7.17 and prior to 5.2.4, which stems from a malicious user being able to create specially crafted attachments that could result in files being...

CVSS 5.7 · AI score 6.4 · EPSS 0.00277
Exploits: 0 · References: 4

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2016-3540

Malware in sbrugna...

CVSS 5.5 · AI score 6 · EPSS 0.00471
Exploits: 0 · References: 4

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2015-6233

Malware in sbrugna...

CVSS 7.8 · AI score 6.4 · EPSS 0.01925
Exploits: 0 · References: 3

Snyk
added 2025/10/02 6:43 a.m. · 4 views

Directory Traversal

Overview: redmine-mcp-server is a production-ready MCP server for Redmine with security, pagination, and enterprise features. Affected versions of this package are vulnerable to Directory Traversal via the MCP endpoint. An attacker can gain access to restricted files by passing a specially craft...

CVSS 8.7 · AI score 7.7
Exploits: 0 · References: 3

RedHat Linux
added 2025/05/06 7:58 a.m. · 2 views

thunderbird: Information Disclosure of /tmp directory listing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edit...

CVSS 6.3 · AI score 6.4 · EPSS 0.00295
Exploits: 0 · References: 7

BDU FSTEC
added 2024/08/16 12:00 a.m. · 4 views

The vulnerability of the rcmail_action_mail_get->run() function in the RoundCube Webmail client allows a hacker to execute XSS attacks.

The vulnerability of the rcmail_action_mail_get->run() function in the RoundCube Webmail client exists because measures to protect the web page structure are not taken. Exploiting this vulnerability allows a malicious actor to perform XSS attacks by sending specially crafted malicious attachments...

CVSS 6.4 · AI score 8 · EPSS 0.82853
Exploits: 9 · References: 11 · Affected Software: 3

OSV
added 2024/07/17 5:15 p.m. · 2 views

CVE-2024-20401

A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system. This vulnerability is due to improper handling of email attachments when file...

CVSS 9.8 · AI score 6 · EPSS 0.02278
Exploits: 0 · References: 1

Positive Technologies
added 2024/07/17 12:00 a.m. · 6 views

PT-2024-4846 · Cisco · Cisco Secure Email Gateway

Name of the Vulnerable Software and Affected Versions: Cisco Secure Email Gateway (affected versions not specified). Description: A vulnerability in the content scanning and message filtering features could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying...

CVSS 10 · AI score 7.6 · EPSS 0.02278
Exploits: 0 · References: 8

Positive Technologies
added 2024/06/18 12:00 a.m. · 4 views

PT-2024-5574

Name of the Vulnerable Software and Affected Versions: Roundcube versions 1.5.7 and earlier, 1.6.x through 1.6.7. Description: The issue exists due to inadequate protection of the web page structure in the rcmail_action_mail_get->run() function of the Roundcube Webmail client. Exploitation of this issu...

CVSS 9.3 · AI score 7 · EPSS 0.82853
Exploits: 16 · References: 51

BDU FSTEC
added 2023/09/13 12:00 a.m. · 3 views

The vulnerability of the Wallet component in operating systems such as iOS, iPadOS, and watchOS allows a hacker to execute arbitrary code.

The vulnerability of the Wallet component in operating systems such as iOS, iPadOS, and watchOS is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code by loading specially crafted attachments...

CVSS 7.8 · AI score 8 · EPSS 0.03151
Exploits: 0 · References: 8 · Affected Software: 3

OSV
added 2020/10/06 6:15 p.m. · 3 views

CVE-2020-1904

A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwriting files when sending specially crafted docx, xlsx, and pptx files as attachments to messages...

CVSS 5.5 · AI score 5.8 · EPSS 0.01101
Exploits: 0 · References: 1

OSV
added 2020/09/23 1:15 a.m. · 5 views

CVE-2019-1983

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes that are running on the...

CVSS 5.3 · AI score 6.7
Exploits: 0 · References: 1

OSV
added 2019/07/03 7:15 p.m. · 2 views

CVE-2018-14864

Incorrect access control in asset bundles in Odoo Community 9.0 through 11.0 and earlier and Odoo Enterprise 9.0 through 11.0 and earlier allows remote authenticated users to inject arbitrary web script via a crafted attachment...

CVSS 6.5 · AI score 5.9 · EPSS 0.01183
Exploits: 0 · References: 1