Lucene search
K

385 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-14935

Malicious code in bioql PyPI...

6.5CVSS7AI score0.00363EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-44083

Malicious code in bioql PyPI...

7.5CVSS8.4AI score0.00556EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.30 views

EUVD-2023-1681

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.03191EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-24818

Malicious code in bioql PyPI...

4.3CVSS6.9AI score0.00266EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-47206

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00678EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-42579

Malicious code in bioql PyPI...

7.8CVSS7.2AI score0.00215EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/30 3:35 a.m.12 views

CVE-2025-9762 Post By Email <= 1.0.4b - Unauthenticated Arbitrary File Upload via Email Attachments

The Post By Email plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the saveattachments function in all versions up to, and including, 1.0.4b. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's...

9.8CVSS0.00678EPSS
Exploits0References2
CVE
CVE
added 2025/09/30 3:35 a.m.32 views

CVE-2025-9762

CVE-2025-9762 affects the WordPress plugin Post By Email (versions ≤ 1.0.4b). The vulnerability arises from missing file type validation in save_attachments, allowing unauthenticated arbitrary file uploads to the server, with potential for remote code execution. Wordfence’s vulnerability report q...

9.8CVSS7.2AI score0.00678EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/09/04 4:51 a.m.5 views

In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.

...

2.8CVSS7AI score0.00475EPSS
Exploits0
OSV
OSV
added 2025/09/02 4:41 p.m.4 views

USN-7729-1 kdepim vulnerabilities

Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that the KMail application of KDE PIM could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Und...

6.5CVSS7.1AI score0.04219EPSS
Exploits3References5
OSV
OSV
added 2025/07/17 11:3 a.m.10 views

CLSA-2025-1752750189 emacs: Fix of CVE-2024-30204

CVE-2024-30204: disable LaTeX preview for e-mail attachments to protection when untrusted-content is non-nil...

2.8CVSS6.4AI score0.00475EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:8 a.m.7 views

CVE-2024-27448

MailDev 2 through 2.1.0 allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to lib/mailserver.js writing arbitrary code into the routes.js file...

9.1CVSS7.8AI score0.00904EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:40 a.m.6 views

CVE-2024-23188

Maliciously crafted E-Mail attachment names could be used to temporarily execute script code in the context of the users browser session. Common user interaction is required for the vulnerability to trigger. Attackers could perform malicious API requests or extract information from the users...

6.5CVSS6.9AI score0.00526EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:25 p.m.6 views

CVE-2021-25375

Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment...

6.5CVSS7AI score0.012EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:4 p.m.8 views

CVE-2009-1286

The IMAP task in the server in IBM Lotus Domino 8.0.2 before FP1 IF1 and 8.5 before IF3 allows remote attackers to cause a denial of service daemon crash via a MIME e-mail message with RFC822 attachments aka blobs containing malformed root entities...

5CVSS6.8AI score0.01835EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 7:40 p.m.9 views

CVE-2001-1542

NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote attackers to bypass filtering and possibly execute arbitrary code in email clients that process the invalid attachments...

7.5CVSS8AI score0.02821EPSS
Exploits0References1
OSV
OSV
added 2025/05/14 5:15 p.m.8 views

CVE-2025-3932

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...

6.5CVSS6.4AI score
Exploits0References4
Cvelist
Cvelist
added 2025/05/14 4:56 p.m.15 views

CVE-2025-3909 JavaScript Execution via Spoofed PDF Attachment and file:/// Link

Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened,...

0.00363EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/05/01 12:0 a.m.3 views

Sematell ReplyOne 安全漏洞

Sematell ReplyOne is an artificial intelligence-based reply management software from Sematell. A security vulnerability exists in Sematell ReplyOne version 7.4.3.0 that stems from the presence of cross-site scripting via ReplyDesk email attachment names...

6.1CVSS6.2AI score0.00228EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/17 4:8 p.m.10 views

CVE-2025-3523

When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the misleading hover text could trick users into downloading content from...

6.4CVSS6.5AI score0.0028EPSS
Exploits0References6
Rows per page
Query Builder