Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2020/09/25 12:0 a.m.30 views

openSUSE: Security Advisory for roundcubemail (openSUSE-SU-2020:1516-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.4AI score0.84456EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2020/05/06 12:0 a.m.36 views

Roundcube Webmail < 1.2.10, 1.3.x < 1.3.11, 1.4.x < 1.4.4 Multiple Vulnerabilities

Roundcube Webmail is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:roundcube:webmail"; if...

9.8CVSS8.2AI score0.84456EPSS
Exploits4References3
OSV
OSV
added 2020/05/04 3:15 p.m.26 views

CVE-2020-12640

Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcubepluginapi.php...

9.8CVSS6.8AI score0.06727EPSS
Exploits1References7
NVD
NVD
added 2020/05/04 3:15 p.m.18 views

CVE-2020-12640

Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcubepluginapi.php...

9.8CVSS9.3AI score0.06727EPSS
Exploits1References7
Cvelist
Cvelist
added 2020/05/04 2:58 p.m.27 views

CVE-2020-12640

Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcubepluginapi.php...

9.3AI score0.06727EPSS
Exploits1References7
CVE
CVE
added 2020/05/04 2:58 p.m.200 views

CVE-2020-12640

CVE-2020-12640 affects Roundcube Webmail prior to 1.4.4. The vulnerability arises from a directory traversal in a plugin name passed to rcube_plugin_api.php, enabling local file inclusion and arbitrary code execution. Reported impact aligns with partial confidentiality, integrity, and availabilit...

9.8CVSS9.1AI score0.06727EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2020/05/04 2:58 p.m.27 views

CVE-2020-12640

Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcubepluginapi.php...

9.8CVSS8.9AI score0.06727EPSS
Exploits1
Rows per page
Query Builder