385 matches found
CVE-2024-30204
In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments...
CVE-2024-30204
In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments...
Emacs 安全漏洞
Gnu emacs is a family of text editors in the American GNU community. Gnu emacs suffers from a security vulnerability that stems from enabling LaTeX preview for email attachments by default. No details of the vulnerability are provided at this time...
PT-2024-23253 · Emacs +7 · Emacs +7
Name of the Vulnerable Software and Affected Versions: Emacs versions prior to 29.3 Description: The issue is related to LaTeX preview being enabled by default for e-mail attachments in Emacs. This could potentially allow attackers to execute remote code. There is no information provided about th...
PT-2024-40224 · Unknown · Nodemailer
Name of the Vulnerable Software and Affected Versions: nodemailer affected versions not specified Description: A ReDoS vulnerability occurs when nodemailer tries to parse img files with the parameter attachDataUrls set, causing the event loop to become stuck. Another flaw was found when nodemaile...
What is Mallox Ransomware
Deciphering the Danger: Decoding Mallox Ransomware. Mallox Ransomware embodies a harmful software element, contributing to an ever-expanding repertoire of digital extortion threats. This cyber menace executes its mission by snaking its way into your computer system, applying a cipher to your data...
PT-2023-32253 · WordPress · Wp Mail Log
Name of the Vulnerable Software and Affected Versions: WP Mail Log WordPress plugin versions prior to 1.1.3 Description: The issue is related to the improper validation of file path parameters when attaching files to emails, leading to local file inclusion. This allows an attacker to leak the...
CVE-2023-49243
Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2023-49243
CVE-2023-49243 describes a vulnerability in the Huawei HarmonyOS email module that allows unauthorized access to email attachments, potentially affecting service confidentiality. Multiple connected sources confirm the issue stems from an email-attachment handling weakness across Huawei HarmonyOS/...
CVE-2023-49243
Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality...
PT-2023-31130 · Unknown · Email Module
Name of the Vulnerable Software and Affected Versions: Email module affected versions not specified Description: The issue concerns unauthorized access to email attachments within the email module, potentially affecting service confidentiality. Recommendations: At the moment, there is no...
Vulnerabilities in Best Practical RT fixed
Vulnerabilities have been fixed in Best Practical Request Tracker RT. The vulnerabilities allow an unauthenticated malicious person able to impersonate an RT user and to download specific email attachments to download. Best Practical has released updates to fix the vulnerabilities fixes in RT. Fo...
CVE-2023-3417
Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This...
Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks
Cybersecurity agencies have warned about the emergence of new variants of the TrueBot malware. This enhanced threat is now targeting companies in the U.S. and Canada with the intention of extracting confidential data from infiltrated systems. These sophisticated attacks exploit a critical...
PT-2023-17276 · WordPress · Subscribe2
Name of the Vulnerable Software and Affected Versions: Subscribe2 plugin for WordPress versions up to, and including, 10.40 Description: The issue allows for unauthorized access to email functionality due to a missing capability check when sending test emails. This enables author-level attackers ...
CISA Warns of Hurricane/Typhoon-Related Scams
CISA urges users to remain on alert for malicious cyber activity following a natural disaster such as a hurricane or typhoon, as attackers target potential disaster victims by leveraging social engineering tactics, techniques, and procedures TTPs. Social engineering TTPs include phishing attacks...
The Bitter Group Targets Chinese Agencies with CHM Malware via Email Attachments
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Bitter group targets South Asian government agencies with Office documents and has recently distributed CHM malware to specific Chinese organizations via email attachments. To receive real-time threa...
Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen
A banking trojan dubbed Mispadu has been linked to multiple spam campaigns targeting countries like Bolivia, Chile, Mexico, Peru, and Portugal with the goal of stealing credentials and delivering other payloads. The activity, which commenced in August 2022, is currently ongoing, the Ocelot Team...
Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar
Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that's designed to fly under the radar and drop additional payloads onto a compromised host. "It seemed as if the authors of this malware were trying to implement as many anti-debugging and anti-VM anti-sandbox...
SUSE CVE-2004-0152
Multiple stack-based buffer overflows in 1 the encodemime function, 2 the encodeuuencode function, 3 or the decodeuuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing attachments with filenames...