Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-4010

Malware in sbrugna...

6.5CVSS6.6AI score0.01254EPSS
Exploits0References4
CVE
CVE
added 2024/10/12 12:0 a.m.60 views

CVE-2024-49193

Zendesk pre-2024-07-02 is affected. The issue arises from processing incoming emails where Cc fields are extracted to grant extra ticket-viewing privileges, combined with an insufficient spoof-detection mechanism and predictable per-ticket support emails. This allows remote attackers to read tick...

7.5CVSS7AI score0.0068EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/12 12:0 a.m.17 views

CVE-2024-49193

Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing, because Cc fields are extracted from incoming e-mail messages and used to grant additional authorization for ticket viewing, the mechanism for detecting spoofed e-mail messages is insufficient, and the...

7.2AI score0.0068EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/12 8:29 p.m.19 views

CVE-2024-27305 SMTP smuggling in aiosmtpd

aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP smuggling. SMTP smuggling is a novel vulnerability based on not so novel interpretation differences of the SMTP protocol. By exploiting SMTP smuggling, an attacker may send...

5.3CVSS5.1AI score0.00371EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/03/12 8:29 p.m.14 views

CVE-2024-27305 SMTP smuggling in aiosmtpd

aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP smuggling. SMTP smuggling is a novel vulnerability based on not so novel interpretation differences of the SMTP protocol. By exploiting SMTP smuggling, an attacker may send...

5.3CVSS5.3AI score0.00371EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/11 9:18 p.m.19 views

CVE-2024-27938 SMTP Smuggling in Postal

Postal is an open source SMTP server. Postal versions less than 3.0.0 are vulnerable to SMTP Smuggling attacks which may allow incoming e-mails to be spoofed. This, in conjunction with a cooperative outgoing SMTP service, would allow for an incoming e-mail to be received by Postal addressed from ...

5.3CVSS6.8AI score0.00664EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/03/11 9:18 p.m.19 views

CVE-2024-27938 SMTP Smuggling in Postal

Postal is an open source SMTP server. Postal versions less than 3.0.0 are vulnerable to SMTP Smuggling attacks which may allow incoming e-mails to be spoofed. This, in conjunction with a cooperative outgoing SMTP service, would allow for an incoming e-mail to be received by Postal addressed from ...

5.3CVSS5.5AI score0.00664EPSS
Exploits1References4
CVE
CVE
added 2024/03/11 9:18 p.m.90 views

CVE-2024-27938

CVE-2024-27938 concerns Postal, an open source SMTP server. The vulnerability affects Postal versions older than 3.0.0 and enables SMTP Smuggling, potentially allowing an incoming email to be spoofed as if sent from a server the recipient user authorized. The impact is limited to inbound mail flo...

5.3CVSS5.2AI score0.00664EPSS
Exploits1References4Affected Software1
OpenVAS
OpenVAS
added 2024/01/10 12:0 a.m.23 views

Sendmail < 8.18 SMTP Smuggling Vulnerability (Dec 2023)

Sendmail is prone to a SMTP smuggling vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sendmail:sendmail";...

5.3CVSS5.7AI score0.01073EPSS
Exploits2References5
NVD
NVD
added 2022/11/10 9:15 p.m.14 views

CVE-2022-43679

The Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the trusteddomains config useless. This could be abused to spoof the URL in password-reset e-mail messages...

5.3CVSS0.00323EPSS
Exploits0References1
CVE
CVE
added 2022/03/21 5:24 p.m.80 views

CVE-2022-24236

CVE-2022-24236 : In Snapt Aria v12.8, an insecure permissions issue allows unauthenticated attackers to send emails from spoofed user accounts. The connected sources corroborate the vulnerability and its impact to email abuse, but do not provide concrete remediation details (patch versions/workar...

3.5CVSS4.3AI score0.0055EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2019/07/29 4:10 p.m.40 views

CVE-2016-10765

CVE-2016-10765 affects edx-platform prior to 2016-06-10. The issue permits account activation using a spoofed email address, enabling potential unauthorized activation of user accounts. The provided documents do not specify exploitable vectors, affected versions beyond the date, or remediation/wo...

5.3CVSS5.3AI score0.0076EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2018/06/19 12:0 a.m.26 views

Open-Xchange (OX) App Suite Content Spoofing Vulnerability (Jun 2018)

Open-Xchange OX App Suite is prone to a content spoofing vulnerability. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

6.5CVSS6.3AI score0.08387EPSS
Exploits5References3
myhack58
myhack58
added 2015/11/19 12:0 a.m.25 views

Gmail Android APP vulnerability allows anyone to send fraudulent mail-vulnerability warning-the black bar safety net

! Security researcher Yan Zhu in the Gmail Android APP and found an interesting vulnerability that allows anyone to send an e-mail, leaving the e-mail looks to be other people sent, which is likely for phishers have opened a door for malicious activity. Gmail Android APP the presence of mail frau...

0.9AI score
Exploits0
NVD
NVD
added 2014/12/11 12:59 a.m.23 views

CVE-2014-6319

Outlook Web App OWA in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative Update 6 does not properly validate tokens in requests, which allows remote attackers to spoof the origin of e-mail messages via unspecified vectors, aka "Outlook Web App Token Spoofing Vulnerability....

5CVSS6.5AI score0.09699EPSS
Exploits0References1
myhack58
myhack58
added 2012/07/16 12:0 a.m.21 views

Site5 WordPress e-mail spoofing vulnerability-vulnerability warning-the black bar safety net

The following is to use the local build of the site5 wordpress Vulnerability file: diary, simploblack, simplo, journalcrunch, boldy, webfolio my $theme = ‘diary’; my $url = $wordpress.’wp-content/themes/’.$ theme.’/ sendmail.php’; My e-mail=“[email protected]; Receiver email address my $receiver...

1.9AI score
Exploits0
securityvulns
securityvulns
added 2008/07/22 12:0 a.m.44 views

E-Mail header Injection in HiFriend

------------------------------------ -------Header Injection---------- ------------------------------------ Script: hifriend.pl Vendor: Hibyte SoftwareVersion: The free one you get from many webpages Dork: "hifriend.pl" + "cgi-bin" ------------------------------------...

0.2AI score
Exploits0
CVE
CVE
added 2006/08/24 8:0 p.m.53 views

CVE-2006-4344

The CVE-2006-4344 issue affects CGI-Rescue Mail F/W System (formd) prior to 8.3. The vulnerability is a CRLF injection in the mail.cgi and query.cgi components that enables remote attackers to spoof emails and inject email headers. The affected functionality is the mailing form/forwarding system,...

5CVSS7.2AI score0.01459EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder