Lucene search
K

385 matches found

Vulnrichment
Vulnrichment
added 2024/03/25 12:0 a.m.14 views

CVE-2024-30204

In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments...

6.8AI score0.00471EPSS
Exploits0References14
Cvelist
Cvelist
added 2024/03/25 12:0 a.m.18 views

CVE-2024-30204

In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments...

6.7AI score0.00471EPSS
Exploits0References14
CNNVD
CNNVD
added 2024/03/25 12:0 a.m.3 views

Emacs 安全漏洞

Gnu emacs is a family of text editors in the American GNU community. Gnu emacs suffers from a security vulnerability that stems from enabling LaTeX preview for email attachments by default. No details of the vulnerability are provided at this time...

2.8CVSS9AI score0.00471EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/03/25 12:0 a.m.3 views

PT-2024-23253 · Emacs +7 · Emacs +7

Name of the Vulnerable Software and Affected Versions: Emacs versions prior to 29.3 Description: The issue is related to LaTeX preview being enabled by default for e-mail attachments in Emacs. This could potentially allow attackers to execute remote code. There is no information provided about th...

9.8CVSS6.5AI score0.01639EPSS
Exploits0References107
Positive Technologies
Positive Technologies
added 2024/01/31 12:0 a.m.6 views

PT-2024-40224 · Unknown · Nodemailer

Name of the Vulnerable Software and Affected Versions: nodemailer affected versions not specified Description: A ReDoS vulnerability occurs when nodemailer tries to parse img files with the parameter attachDataUrls set, causing the event loop to become stuck. Another flaw was found when nodemaile...

5.3CVSS6.8AI score
Exploits0References6
Wallarm Lab
Wallarm Lab
added 2024/01/12 3:57 p.m.20 views

What is Mallox Ransomware

Deciphering the Danger: Decoding Mallox Ransomware. Mallox Ransomware embodies a harmful software element, contributing to an ever-expanding repertoire of digital extortion threats. This cyber menace executes its mission by snaking its way into your computer system, applying a cipher to your data...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/12/26 12:0 a.m.6 views

PT-2023-32253 · WordPress · Wp Mail Log

Name of the Vulnerable Software and Affected Versions: WP Mail Log WordPress plugin versions prior to 1.1.3 Description: The issue is related to the improper validation of file path parameters when attaching files to emails, leading to local file inclusion. This allows an attacker to leak the...

6.5CVSS6.2AI score0.00707EPSS
Exploits2References7
OSV
OSV
added 2023/12/06 9:15 a.m.6 views

CVE-2023-49243

Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality...

7.5CVSS5.8AI score0.00443EPSS
Exploits0References2
CVE
CVE
added 2023/12/06 8:56 a.m.52 views

CVE-2023-49243

CVE-2023-49243 describes a vulnerability in the Huawei HarmonyOS email module that allows unauthorized access to email attachments, potentially affecting service confidentiality. Multiple connected sources confirm the issue stems from an email-attachment handling weakness across Huawei HarmonyOS/...

7.5CVSS7.3AI score0.00443EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/12/06 8:56 a.m.30 views

CVE-2023-49243

Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality...

7.6AI score0.00443EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/06 12:0 a.m.4 views

PT-2023-31130 · Unknown · Email Module

Name of the Vulnerable Software and Affected Versions: Email module affected versions not specified Description: The issue concerns unauthorized access to email attachments within the email module, potentially affecting service confidentiality. Recommendations: At the moment, there is no...

7.5CVSS7.4AI score0.00443EPSS
Exploits0References4
NCSC
NCSC
added 2023/10/20 12:0 a.m.3 views

Vulnerabilities in Best Practical RT fixed

Vulnerabilities have been fixed in Best Practical Request Tracker RT. The vulnerabilities allow an unauthenticated malicious person able to impersonate an RT user and to download specific email attachments to download. Best Practical has released updates to fix the vulnerabilities fixes in RT. Fo...

7.5CVSS7.2AI score0.00717EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/07/24 10:9 a.m.24 views

CVE-2023-3417

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This...

6.8AI score0.00556EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2023/07/07 5:12 a.m.31 views

Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks

Cybersecurity agencies have warned about the emergence of new variants of the TrueBot malware. This enhanced threat is now targeting companies in the U.S. and Canada with the intention of extracting confidential data from infiltrated systems. These sophisticated attacks exploit a critical...

9.8CVSS8.1AI score0.36009EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2023/06/28 12:0 a.m.9 views

PT-2023-17276 · WordPress · Subscribe2

Name of the Vulnerable Software and Affected Versions: Subscribe2 plugin for WordPress versions up to, and including, 10.40 Description: The issue allows for unauthorized access to email functionality due to a missing capability check when sending test emails. This enables author-level attackers ...

4.3CVSS5.5AI score0.00508EPSS
Exploits0References8
CISA
CISA
added 2023/05/25 12:0 p.m.5 views

CISA Warns of Hurricane/Typhoon-Related Scams

CISA urges users to remain on alert for malicious cyber activity following a natural disaster such as a hurricane or typhoon, as attackers target potential disaster victims by leveraging social engineering tactics, techniques, and procedures TTPs. Social engineering TTPs include phishing attacks...

6.9AI score
Exploits0References4
hivepro
hivepro
added 2023/04/17 6:48 a.m.11 views

The Bitter Group Targets Chinese Agencies with CHM Malware via Email Attachments

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Bitter group targets South Asian government agencies with Office documents and has recently distributed CHM malware to specific Chinese organizations via email attachments. To receive real-time threa...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/20 12:26 p.m.30 views

Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen

A banking trojan dubbed Mispadu has been linked to multiple spam campaigns targeting countries like Bolivia, Chile, Mexico, Peru, and Portugal with the goal of stealing credentials and delivering other payloads. The activity, which commenced in August 2022, is currently ongoing, the Ocelot Team...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/15 9:25 a.m.49 views

Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar

Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that's designed to fly under the radar and drop additional payloads onto a compromised host. "It seemed as if the authors of this malware were trying to implement as many anti-debugging and anti-VM anti-sandbox...

1.4AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.6 views

SUSE CVE-2004-0152

Multiple stack-based buffer overflows in 1 the encodemime function, 2 the encodeuuencode function, 3 or the decodeuuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing attachments with filenames...

7.5CVSS8.2AI score0.04146EPSS
Exploits0References5
Rows per page
Query Builder