Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-20516

Malware in sbrugna...

7.5CVSS7.8AI score0.02764EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/05/22 5:9 p.m.8 views

CVE-2020-28025

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkimfinishbodyhash does not validate the relationship between sig-bodyhash.len and b-bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory...

7.5CVSS6.4AI score0.02764EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/04/22 10:50 a.m.47 views

Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials

In what has been described as an "extremely sophisticated phishing attack," threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google's infrastructure and redirect message recipients to fraudulent sites that harvest their credentials. "The first thing to no...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/12/03 12:0 a.m.56 views

Debian dla-3680 : libopendkim-dev - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3680 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3680-1 [email protected] https://www.debian.org/lts/security/...

5.3CVSS5.7AI score0.00752EPSS
Exploits0References4
NVD
NVD
added 2023/07/11 8:15 p.m.21 views

CVE-2022-48521

An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...

5.3CVSS5.1AI score0.00752EPSS
Exploits0References2
Prion
Prion
added 2023/07/11 8:15 p.m.15 views

Authentication flaw

An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...

5CVSS5.2AI score0.00752EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2023/07/11 12:0 a.m.21 views

CVE-2022-48521

An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...

5.3CVSS6.9AI score0.00752EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/07/11 12:0 a.m.36 views

CVE-2022-48521

An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...

5.4AI score0.00752EPSS
Exploits0References2
CVE
CVE
added 2023/07/11 12:0 a.m.61 views

CVE-2022-48521

OpenDKIM CVE-2022-48521 affects OpenDKIM up to 2.10.3 and 2.11.x up to 2.11.0-Beta2. The issue: OpenDKIM fails to track ordinal numbers when removing fake Authentication-Results header fields, allowing a remote attacker to craft an email that appears to have a valid DKIM signature when it does no...

5.3CVSS5AI score0.00752EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/07/11 12:0 a.m.23 views

CVE-2022-48521

An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...

5.3CVSS7.1AI score0.00752EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/07/11 12:0 a.m.24 views

CVE-2022-48521

An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely...

5.3CVSS5.1AI score0.00752EPSS
Exploits0
CNVD
CNVD
added 2021/05/07 12:0 a.m.14 views

Exim Out-of-Bounds Read Vulnerability

Exim was developed at Cambridge University as a Message Transfer Agent MTA for Unix systems connected to the Internet. Exim suffers from an out-of-bounds read vulnerability that stems from pdkimfinishbodyhash not validating the relationship between sig-bodyhash.len and b-bh.len, which can be...

7.5CVSS6.2AI score0.02764EPSS
Exploits1References1
NVD
NVD
added 2021/05/06 1:15 p.m.14 views

CVE-2020-28025

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkimfinishbodyhash does not validate the relationship between sig-bodyhash.len and b-bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory...

7.5CVSS0.02764EPSS
Exploits1References1
Prion
Prion
added 2021/05/06 1:15 p.m.29 views

Design/Logic Flaw

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkimfinishbodyhash does not validate the relationship between sig-bodyhash.len and b-bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory...

5CVSS8.1AI score0.02764EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/05/06 4:36 a.m.33 views

CVE-2020-28025

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkimfinishbodyhash does not validate the relationship between sig-bodyhash.len and b-bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory...

8.3AI score0.02764EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2021/05/06 4:36 a.m.46 views

CVE-2020-28025

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkimfinishbodyhash does not validate the relationship between sig-bodyhash.len and b-bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory...

7.5CVSS7.5AI score0.02764EPSS
Exploits1References1
CVE
CVE
added 2021/05/06 4:36 a.m.334 views

CVE-2020-28025

Exim 4 prior to 4.94.2 is affected by CVE-2020-28025 (Out-of-bounds Read). The flaw is due to pdkim_finish_bodyhash not validating the relationship between sig->bodyhash.len and b->bh.len, which can allow leakage of sensitive information from process memory via a crafted DKIM-Signature head...

7.5CVSS7AI score0.02764EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2021/05/06 4:36 a.m.27 views

CVE-2020-28025

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkimfinishbodyhash does not validate the relationship between sig-bodyhash.len and b-bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory...

7.5CVSS7.8AI score0.02764EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2021/05/04 1:30 p.m.26 views

CVE-2020-28025

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkimfinishbodyhash does not validate the relationship between sig-bodyhash.len and b-bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory...

7.5CVSS7.1AI score0.02764EPSS
Exploits1References3
Hacker One
Hacker One
added 2019/11/08 1:7 a.m.28 views

Mail.ru: An implementation flaw in Mail.ru can be exploited for DKIM signature spoofing and email spoofing

Domain, site, application -- https://e.mail.ru Quick note: this report is different from my previous report Report 727233 , and is not policy configuration or enforcement issue as well. TL;DR --------- This report disclosure an implementation bug, which chains multiple features in the Mail.ru...

Exploits0
Rows per page
Query Builder