26 matches found
EUVD-2019-9772
Malware in sbrugna...
EUVD-2009-4372
Malware in sbrugna...
CVE-2022-29360
The Email Viewer in RainLoop through 1.6.0 allows XSS via a crafted email message...
AlmaLinux 8 : dovecot (ALSA-2021:1887)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1887 advisory. - An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled...
EulerOS 2.0 SP8 : dovecot (EulerOS-SA-2021-1139)
According to the versions of the dovecot packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controll...
Fedora 32 : 1:dovecot (2021-c90cb486f7)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-c90cb486f7 advisory. - An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled...
CVE-2020-25275
Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and imap, leading to an application crash via a crafted email message with certain choices for ten thousand MIME parts...
Input validation
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. An attacker could exploit...
CVE-2020-3133 Cisco Email Security Appliance Content Filter Bypass Vulnerability
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. An attacker could exploit...
DEBIAN-CVE-2020-12100
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource consumption via a crafted e-mail message with deeply nested MIME parts...
The vulnerability of Cisco Email Security Appliances, related to uncontrolled resource consumption, allows attackers to trigger service failures.
The vulnerability of Cisco Email Security Appliances relates to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to trigger a service failure through a specially crafted email message...
Fedora 31 : tnef (2019-815807c020)
tnef release 1.4.18. ==================== Security release to resolve CVE-2019-18849 in which it may be possible to attack via a crafted email message extracted via tnef. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system websit...
UBUNTU-CVE-2018-15586
Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed for arbitrary messages using a PGP/INLINE signature wrapped within a specially crafted multipart HTML email...
The vulnerability of the Microsoft Exchange Server mail server, related to errors in memory object processing, allows a hacker to execute arbitrary code.
The vulnerability of Microsoft Exchange Server exists due to errors in memory object handling. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the system user by sending a specially crafted email message...
Apple macOS Mojave Mail UI Spoofing Vulnerability
Apple macOS Mojave is a specialized operating system developed by Apple Inc. for Mac computers.The App Store is a platform for online distribution of applications.Mail is an email component of the... A security vulnerability exists in the Mail component of Apple macOS Mojave version 10.14. The...
IBM iNotes Information Disclosure Vulnerability (CNVD-2018-19429)
IBM iNotes also known as IBM Lotus iNotes is a set of Web-based e-mail software from IBM in the United States. The software helps different types of users online and offline users to effectively manage business-critical information and collaboration. An information disclosure vulnerability exists...
CVE-2017-14461
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the...
Code injection
Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjacking attacks via a crafted e-mail message...
Design/Logic Flaw
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2016, Word 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted email message processed by Outlook, aka "Microsoft Office RCE Vulnerability."...
Mandriva Update for cyrus-imapd MDVSA-2012:037 (cyrus-imapd)
Check for the Version of cyrus-imapd OpenVAS Vulnerability Test Mandriva Update for cyrus-imapd MDVSA-2012:037 cyrus-imapd Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...