Lucene search
+L

9 matches found

nvd
nvd
added 2026/06/25 9:16 p.m.8 views

CVE-2026-6678

Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption...

5.3CVSS0.0019EPSS
Exploits0References3
cve
cve
added 2026/06/25 8:16 p.m.18 views

CVE-2026-6678

CVE-2026-6678 affects wolfSSL’s wc_PKCS7_DecryptOri function. A crafted Other Recipient Info triggers an integer underflow, causing incorrect length handling during decryption. Impact is described as decryption length mismanagement; no explicit exploitation details are provided in the connected d...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References3Affected Software1
nessus
nessus
added 2026/06/04 12:0 a.m.15 views

Ubuntu 24.04 LTS : age vulnerability (USN-8372-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8372-1 advisory. It was discovered that age did not properly validate plugin names. An attacker could possibly use this issue to cause execution of an arbitrary program by supplyi...

9.8CVSS6.1AI score0.00481EPSS
Exploits0References2
osv
osv
added 2026/06/02 4:24 p.m.11 views

USN-8372-1 age vulnerability

It was discovered that age did not properly validate plugin names. An attacker could possibly use this issue to cause execution of an arbitrary program by supplying a crafted recipient or identity string...

9.8CVSS5.9AI score0.00481EPSS
Exploits0References2
osv
osv
added 2021/05/10 7:16 p.m.9 views

GHSA-48WW-J4FC-435P Command injection in nodemailer

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails...

9.8CVSS5.9AI score0.02316EPSS
Exploits1References7
ubuntucve
ubuntucve
added 2021/05/04 1:30 p.m.63 views

CVE-2020-28008

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory owned by a non-root user, an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution...

7.8CVSS7.1AI score0.00404EPSS
Exploits3References3
osv
osv
added 2021/05/04 1:30 p.m.4 views

UBUNTU-CVE-2020-28008

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory owned by a non-root user, an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution...

7.8CVSS7.1AI score0.00404EPSS
Exploits3References4
cnvd
cnvd
added 2020/11/19 12:0 a.m.6 views

Nodemailer Injection Vulnerability

Nodemailer is the Nodemailer team of a use can provide the ability to send e-mail JS code library . An injection vulnerability exists in versions of nodemailer prior to 6.4.16, which stems from the fact that the use of a carefully crafted recipient email address may result in arbitrary command fl...

9.8CVSS7.8AI score0.02316EPSS
Exploits1References1
nvd
nvd
added 2020/11/12 9:15 a.m.17 views

CVE-2020-7769

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails...

9.8CVSS9.6AI score0.02316EPSS
Exploits1References4
Rows per page
Query Builder