Lucene search
K

24 matches found

OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-3811-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.1082EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2018-0425)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.1082EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2019:2011-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.1082EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2019:1961-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.1082EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2019/08/07 12:0 a.m.22 views

openSUSE: Security Advisory for spamassassin (openSUSE-SU-2019:1831-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.1AI score0.1082EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2019/08/06 12:0 a.m.71 views

Security update for spamassassin (moderate)

openSUSE Security Update: Security update for spamassassin Announcement ID: openSUSE-SU-2019:1831-1 Rating: moderate References: 1069831 1107765 1108745 1108748 1108749 1108750 1115411 Cross-References: CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 Affected Products: openSUSE Leap 15...

9.8CVSS8.1AI score0.1082EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2019/07/25 12:0 a.m.34 views

SUSE SLED12 / SLES12 Security Update : spamassassin (SUSE-SU-2019:1961-1)

This update for spamassassin to version 3.4.2 fixes the following issues : Security issues fixed : CVE-2017-15705: Fixed denial of service via unclosed tags in crafted emails bsc1108745. CVE-2018-11781: Fixed a code injection in the meta rule syntax by local users bsc1108748. CVE-2018-11780: Fixe...

9.8CVSS7.3AI score0.1082EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.42 views

Fedora 28 : spamassassin (2018-46d7a7f63e)

Fixed some small bugs in the previous package: Initial rules now have the correct version, sought channel config is dropped since it doesn't exist anymore and build / runtime deps adjusted. ---- Update to 3.4.2. Fixes CVE-2017-15705, CVE-2018-11780 and CVE-2018-11781 along with many other bugfixe...

9.8CVSS6.7AI score0.1082EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.41 views

Fedora 29 : spamassassin (2018-8f0df2c366)

Fixed some small bugs in the previous package: Initial rules now have the correct version, sought channel config is dropped since it doesn't exist anymore and build / runtime deps adjusted. ---- Update to 3.4.2. Fixes CVE-2017-15705, CVE-2018-11780 and CVE-2018-11781 along with many other bugfixe...

9.8CVSS6.7AI score0.1082EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2018/12/05 4:30 p.m.89 views

USN-3811-3: SpamAssassin vulnerabilities

USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.4AI score0.1082EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/11/14 12:0 a.m.51 views

Debian: Security Advisory (DLA-1578-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.1082EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/11/14 12:0 a.m.30 views

Debian DLA-1578-1 : spamassassin security update

Multiple vulnerabilities were found in Spamassassin, which could lead to Remote Code Execution and Denial of Service attacks under certain circumstances. CVE-2016-1238 Many Perl programs do not properly remove . period characters from the end of the includes directory array, which might allow loc...

9.8CVSS7AI score0.1082EPSS
Exploits0References6
Debian
Debian
added 2018/11/13 7:6 p.m.470 views

[SECURITY] [DLA 1578-1] spamassassin security update

Package : spamassassin Version : 3.4.2-0+deb8u1 CVE ID : CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 Debian Bug : 784023 865924 883775 889501 891041 908969 908970 908971 913571 Multiple vulnerabilities were found in Spamassassin, which could lead to Remote Code Execution and Denial...

9.8CVSS6.9AI score0.1082EPSS
Exploits0
Mageia
Mageia
added 2018/10/30 6:1 p.m.46 views

Updated spamassassin packages fix security vulnerabilities

Updated spamassassin package fixes security vulnerabilities: A reliance on "." in @INC in one configuration script CVE-2016-1238. A denial of service vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts CVE-2017-15705. A...

9.8CVSS1.4AI score0.1082EPSS
Exploits0References2
Amazon
Amazon
added 2018/10/17 12:0 a.m.562 views

Important: spamassassin

Issue Overview: A flaw was found in the way a local user on the SpamAssassin server could inject code in the meta rule syntax. This could cause the arbitrary code execution on the server when these rules are being processed.CVE-2018-11781 A potential Remote Code Execution bug exists with the...

9.8CVSS8.2AI score0.1082EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/10/03 12:0 a.m.55 views

Fedora Update for spamassassin FEDORA-2018-6ed251c42b

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.1082EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/01 12:0 a.m.38 views

Fedora 27 : spamassassin (2018-6ed251c42b)

Fixed some small bugs in the previous package: Initial rules now have the correct version, sought channel config is dropped since it doesn't exist anymore and build / runtime deps adjusted. ---- Update to 3.4.2. Fixes CVE-2017-15705, CVE-2018-11780 and CVE-2018-11781 along with many other bugfixe...

9.8CVSS6.7AI score0.1082EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2018/09/24 12:0 a.m.25 views

Fedora Update for spamassassin FEDORA-2018-46d7a7f63e

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.1082EPSS
Exploits0References2
NVD
NVD
added 2018/09/17 2:29 p.m.18 views

CVE-2018-11780

A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2...

9.8CVSS8.4AI score0.1082EPSS
Exploits0References7
CVE
CVE
added 2018/09/17 2:0 p.m.226 views

CVE-2018-11780

Apache SpamAssassin is affected by CVE-2018-11780 due to a potential Remote Code Execution in the PDFInfo plugin prior to version 3.4.2. Connected sources confirm SpamAssassin and PDFInfo as the vulnerable components, with upstream/vendors recommending upgrading to 3.4.2 or newer to mitigate. The...

9.8CVSS8.7AI score0.1082EPSS
Exploits0References7Affected Software2
Rows per page
Query Builder