Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-3336

Malware in sbrugna...

8.8CVSS8.8AI score0.00477EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-9998

Malware in sbrugna...

9.8CVSS9.2AI score0.01184EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-20330

Malware in sbrugna...

4.3CVSS4.9AI score0.00546EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-0932

Malware in sbrugna...

9.8CVSS9.3AI score0.02316EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2004-2761

Malware in sbrugna...

7.5CVSS7.5AI score0.06858EPSS
Exploits1References15
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-41286

Malicious code in bioql PyPI...

8.2CVSS6.4AI score0.00366EPSS
Exploits0References1
CNVD
CNVD
added 2024/09/09 12:0 a.m.9 views

akademy cross-site scripting vulnerability

akademy is a school management system. A cross-site scripting vulnerability exists in akademy, which stems from an incorrect manipulation of the parameter emailAddress. No details of the vulnerability are provided at this time...

5.4CVSS6.2AI score0.00449EPSS
Exploits1References1
CNVD
CNVD
added 2024/05/07 12:0 a.m.2 views

Lunary Input Validation Error Vulnerability

lunary is a production toolkit for LLM. An input validation error vulnerability exists in lunary that stems from improper validation of email addresses during the registration process and can be exploited by an attacker to create multiple accounts with the same email address by changing the case ...

9.1CVSS7.5AI score0.00561EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/02/02 4:32 a.m.14 views

CVE-2024-0685 Ninja Forms Contact Form <= 3.7.1 - Unauthenticated Second Order SQL Injection

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Second Order SQL Injection via the email address value submitted through forms in all versions up to, and including, 3.7.1 due to insufficient escaping on the user supplied parameter...

5.9CVSS7.3AI score0.00778EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/30 12:0 a.m.6 views

PT-2023-29870 · Unknown · Jumpserver

Name of the Vulnerable Software and Affected Versions: JumpServer versions prior to 3.8.0 Description: The issue concerns the default email address for the initial admin user, which is set to [email protected]. This could potentially affect password reset functionality if the domain mycompany.c...

5.3CVSS5.3AI score0.00316EPSS
Exploits0References4
OSV
OSV
added 2022/05/17 12:18 a.m.13 views

GHSA-HGR8-G756-VMG9 Zeta Components Mail Arbitrary code execution via a crafted email address

The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly restrict the set of characters used in the ezcMail returnPath property, which might allow remote attackers to execute arbitrary code via a crafted email address, as demonstrated by one...

8.1CVSS8.1AI score0.10652EPSS
Exploits3References9
OPENSUSE Linux
OPENSUSE Linux
added 2021/05/05 12:0 a.m.30 views

Security update for postsrsd (moderate)

openSUSE Security Update: Security update for postsrsd Announcement ID: openSUSE-SU-2021:0669-1 Rating: moderate References: 1180251 Cross-References: CVE-2020-35573 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: This update...

7.5CVSS7.4AI score0.02657EPSS
Exploits0References1
Debian
Debian
added 2019/12/18 4:50 p.m.61 views

[SECURITY] [DLA 2042-1] python-django security update

Package : python-django Version : 1.7.11-1+deb8u8 CVE ID : CVE-2019-19844 Debian Bug : 946937 It was discovered that there was a potential account hijack vulnerabilility in Django, the Python-based web development framework. Djangos password-reset form used a case-insensitive query to retrieve...

9.8CVSS9.6AI score0.3481EPSS
Exploits7
OSV
OSV
added 2019/01/23 3:50 p.m.8 views

MGASA-2019-0046 Updated perl-Email-Address package fixes security vulnerability

The parse method in the Email::Address module through 1.912 for Perl can consume a large amount of resources on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters "\f" CVE-2018-12558...

7.5CVSS7.4AI score0.0265EPSS
Exploits0References3
OSV
OSV
added 2016/11/25 5:4 p.m.10 views

MGASA-2016-0397 Updated perl-Email-Address packages fix security vulnerability

Pali Rohár discovered a possible DoS attack in any software which uses the Email::Address Perl module for parsing string input to a list of email addresses. Note that this issue has only been partially mitigated in Email::Address itself...

7.8CVSS7.9AI score0.03072EPSS
Exploits0References3
OSV
OSV
added 2015/10/06 1:59 a.m.2 views

DEBIAN-CVE-2015-7686

Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service CPU consumption via a crafted string containing a list of e-mail addresses in conjunction with parenthesis characters that can be associat...

7.8CVSS6.5AI score0.03072EPSS
Exploits0References1
Prion
Prion
added 2012/08/26 6:55 p.m.18 views

Code injection

MemberProfileForm in security/Member.php in SilverStripe 2.3.x before 2.3.7 allows remote attackers to hijack user accounts by saving data using the email address ID of another user...

5CVSS7.2AI score0.01547EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2008/05/28 3:32 p.m.16 views

Code injection

scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field aka Email text box. NOTE: the vendor disputes this, stating "I'm unable to...

8.5CVSS7.7AI score0.04213EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2004/12/01 5:0 a.m.19 views

CVE-2004-1113

SQL injection vulnerability in SQLgrey Postfix greylisting service before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the 1 sender or 2 recipient e-mail addresses...

8.4AI score0.01984EPSS
Exploits0References5
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.15 views

CVE-2002-1526

Cross-site scripting XSS vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers to inject arbitrary HTML or script via the email address field...

5.8AI score0.03917EPSS
Exploits1References3
Rows per page
Query Builder