Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-4978

Malware in sbrugna...

6.1CVSS6.3AI score0.01009EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2001-1519

Malware in sbrugna...

7.5CVSS6.4AI score0.02821EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-20707

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00526EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/05/14 4:56 p.m.6 views

CVE-2025-3932 Tracking Links in Attachments Bypassed Remote Content Blocking

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...

6.8AI score0.00314EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.6 views

PT-2025-18713 · Sematell · Sematell Replyone

Name of the Vulnerable Software and Affected Versions: Sematell ReplyOne version 7.4.3.0 Description: The issue allows for cross-site scripting XSS attacks through a ReplyDesk e-mail attachment name. This means an attacker could potentially inject malicious scripts into the system by manipulating...

6.1CVSS5.4AI score0.00228EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/04/15 3:6 p.m.6 views

CVE-2025-3523 User Interface (UI) Misrepresentation of attachment URL

When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the misleading hover text could trick users into downloading content from...

6.6AI score0.0028EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/03/27 4:0 p.m.7 views

CVE-2018-6882

Cross-site scripting XSS vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite ZCS before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment...

6AI score0.23717EPSS
Exploits2References6
Cvelist
Cvelist
added 2013/12/07 8:0 p.m.27 views

CVE-2013-4478

Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment...

7.4AI score0.02138EPSS
Exploits1References7
Cvelist
Cvelist
added 2010/03/22 5:23 p.m.25 views

CVE-2010-0163

Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted message,...

7AI score0.03186EPSS
Exploits1References13
exploitpack
exploitpack
added 2004/04/15 12:0 a.m.20 views

SCT Campus Pipeline 1.02.x3.x - Email Attachment Script Injection

SCT Campus Pipeline 1.02.x3.x - Email Attachment Script Injection source: https://www.securityfocus.com/bid/10154/info It has been reported that Campus Pipeline is prone to a remote email attachment script injection vulnerability. This issue is due to a failure of the application to properly...

7.7AI score
Exploits0
Exploit DB
Exploit DB
added 2004/04/15 12:0 a.m.33 views

SCT Campus Pipeline 1.0/2.x/3.x - Email Attachment Script Injection

source: https://www.securityfocus.com/bid/10154/info It has been reported that Campus Pipeline is prone to a remote email attachment script injection vulnerability. This issue is due to a failure of the application to properly sanitize user supplied HTML and script code contained in email...

7.4AI score
Exploits0
NVD
NVD
added 2001/12/31 5:0 a.m.15 views

CVE-2001-1542

NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote attackers to bypass filtering and possibly execute arbitrary code in email clients that process the invalid attachments...

7.5CVSS7.6AI score0.02821EPSS
Exploits0References3
NVD
NVD
added 2001/07/21 4:0 a.m.21 views

CVE-2000-0891

A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email...

7.5CVSS7.5AI score0.02988EPSS
Exploits1References3
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.25 views

Security Update For Exchange Server 2016 CU8 (KB4092041)

This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access OWA. The vulnerability could allow elevation of privilege or spoofing in Microsoft Exchange Server if an attacker sends an email message that has a specially crafted attachment to a vulnerable server that is...

6.8AI score
Exploits0
Rows per page
Query Builder