
25 matches found

Tenable Nessus
added 2025/03/04 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2018-0618

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified...

CVSS 5.4 | AI score 6.3 | EPSS 0.02048
Exploits: 0 | References: 2

Tenable Nessus
added 2024/05/11 12:0 a.m. | 24 views

RHEL 6 : mailman (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mailman: CSRF token bypass allows to perform CSRF attacks and account takeover CVE-2021-42097 - mailman:...

AI score 7.7 | EPSS 0.02698
Exploits: 1 | References: 10

OpenVAS
added 2022/01/28 12:0 a.m. | 15 views

Mageia: Security Advisory (MGASA-2018-0313)

The remote host is missing an update for the...

CVSS 5.4 | AI score 6.1 | EPSS 0.02048
Exploits: 0 | References: 5

OpenVAS
added 2021/06/09 12:0 a.m. | 15 views

SUSE: Security Advisory (SUSE-SU-2019:13924-1)

The remote host is missing an update for the...

CVSS 8.8 | AI score 7 | EPSS 0.07964
Exploits: 4 | References: 8

OpenVAS
added 2021/02/22 12:0 a.m. | 21 views

Huawei EulerOS: Security Advisory for mailman (EulerOS-SA-2021-1326)

The remote host is missing an update for the Huawei EulerOS...

CVSS 6.5 | AI score 6.2 | EPSS 0.02698
Exploits: 1 | References: 2

OpenVAS
added 2021/01/19 12:0 a.m. | 20 views

Huawei EulerOS: Security Advisory for mailman (EulerOS-SA-2021-1096)

The remote host is missing an update for the Huawei EulerOS...

CVSS 6.5 | AI score 6.2 | EPSS 0.02698
Exploits: 1 | References: 2

Amazon
added 2020/10/27 12:0 a.m. | 38 views

Medium: mailman

Issue Overview: A cross-site scripting vulnerability (XSS) has been discovered in mailman due to the hostname field not being properly validated. A malicious list owner could use this flaw to create a specially crafted list and inject client-side scripts. CVE-2018-0618 An issue was discovered in GN...

CVSS 6.5 | AI score 6.5 | EPSS 0.02541
Exploits: 0

Tenable Nessus
added 2020/07/20 12:0 a.m. | 38 views

Amazon Linux AMI : mailman (ALAS-2020-1395)

The version of mailman installed on the remote host is prior to 2.1.15-30.25. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1395 advisory. Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject...

CVSS 6.5 | AI score 6.5 | EPSS 0.02541
Exploits: 0 | References: 5

Amazon
added 2020/07/16 12:0 a.m. | 29 views

Medium: mailman

Issue Overview: Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. CVE-2018-0618 An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be...

CVSS 6.5 | AI score 6.3 | EPSS 0.02541
Exploits: 0

Tenable Nessus
added 2020/04/30 12:0 a.m. | 28 views

Ubuntu 16.04 LTS / 18.04 LTS : Mailman vulnerabilities (USN-4348-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4348-1 advisory. It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary scripts or...

CVSS 6.5 | AI score 6.9 | EPSS 0.02541
Exploits: 0 | References: 4

Ubuntu
added 2020/04/29 2:40 p.m. | 64 views

USN-4348-1: Mailman vulnerabilities

It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary scripts or HTML. CVE-2018-0618 It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to display arbitrary text o...

CVSS 6.5 | AI score 6.8 | EPSS 0.02541
Exploits: 0

Tenable Nessus
added 2019/03/27 12:0 a.m. | 29 views

openSUSE Security Update : mailman (openSUSE-2019-495)

This update for mailman to version 2.1.27 fixes the following issues : This security issue was fixed : - CVE-2018-0618: Additional protections against injecting scripts into listinfo and error messages pages bsc1099510. These non-security issues were fixed : - The hash generated when...

CVSS 5.4 | AI score 6.3 | EPSS 0.02048
Exploits: 0 | References: 2

ALT Linux
added 2019/01/06 12:0 a.m. | 30 views

Security fix for the ALT Linux 9 package mailman version 5:2.1.29-alt1

Jan. 6, 2019 Dmitry V. Levin 5:2.1.29-alt1 - 2.1.26 - 2.1.29 fixes: CVE-2018-0618, CVE-2018-13796. - Enhanced init script. - Added tmpfiles.d(5) rules and a systemd unit file for mailman...

CVSS 4.3 | AI score 6.4 | EPSS 0.02541
Exploits: 0

Tenable Nessus
added 2019/01/03 12:0 a.m. | 26 views

Fedora 28 : 3:mailman (2018-f8fd4c5798)

Add fix for CVE-2018-0618 1596459 ---- Add fix for CVE-2018-0618 1596460 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

CVSS 5.4 | AI score 6.1 | EPSS 0.02048
Exploits: 0 | References: 2

UbuntuCve
added 2018/07/26 5:29 p.m. | 22 views

CVE-2018-0618

Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

CVSS 5.4 | AI score 6.7 | EPSS 0.02048
Exploits: 0 | References: 5

CVE
added 2018/07/26 5:0 p.m. | 200 views

CVE-2018-0618

The provided documents confirm CVE-2018-0618 is a cross-site scripting vulnerability in Mailman prior to or including 2.1.26, caused by unvalidated input in the host_name field, enabling a malicious listowner to inject scripts on the listinfo page. Affected product: Mailman (versions up to 2.1.26...

CVSS 5.4 | AI score 5 | EPSS 0.02048
Exploits: 0 | References: 6 | Affected Software: 1

Debian CVE
added 2018/07/26 5:0 p.m. | 30 views

CVE-2018-0618

Removed by vendor...

CVSS 5.4 | AI score 6.4 | EPSS 0.02048
Exploits: 0

Debian
added 2018/07/24 9:22 p.m. | 24 views

[SECURITY] [DLA 1442-1] mailman security update

Package : mailman Version : 1:2.1.18-2+deb8u3 CVE ID : CVE-2018-0618 CVE-2018-13796 Debian Bug : 903674 Two flaws were discovered in mailman, a web-based mailing list manager. CVE-2018-0618 Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. discovered that mailman is prone to a cross-si...

CVSS 6.5 | AI score 7 | EPSS 0.02541
Exploits: 0

Tenable Nessus
added 2018/07/16 12:0 a.m. | 30 views

Debian DSA-4246-1 : mailman - security update

Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. discovered that mailman, a web-based mailing list manager, is prone to a cross-site scripting flaw allowing a malicious listowner to inject scripts into the listinfo page, due to not validated input in the hostname field. (C) Tenable...

CVSS 5.4 | AI score 5.8 | EPSS 0.02048
Exploits: 0 | References: 4

Debian
added 2018/07/15 7:0 p.m. | 23 views

[SECURITY] [DSA 4246-1] mailman security update

Debian Security Advisory DSA-4246-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 15, 2018 https://www.debian.org/security/faq...

CVSS 5.4 | AI score 6.1 | EPSS 0.02048
Exploits: 0