Lucene search
K

8 matches found

HackRead
HackRead
added 2025/05/30 1:19 p.m.36 views

Threat Actor Claims TikTok Breach, Puts 428 Million Records Up for Sale

Alleged TikTok Breach: Threat actor “Often9” claims to sell 428M user records, including emails, phones, and account details on dark web forum. TikTok is investigating!...

7.3AI score
Exploits0
CVE
CVE
added 2024/11/15 5:34 p.m.85 views

CVE-2024-52508

CVE-2024-52508 affects Nextcloud Mail. The auto configuration flow can cause email account details to be sent to an attacker-controlled autoconfig.tld when a user’s domain cannot auto-configure. Affected Nextcloud Mail versions include pre-1.14.6, pre-1.15.4, pre-2.2.11, pre-3.6.3, pre-3.7.7, and...

8.2CVSS8.2AI score0.00698EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/11/15 12:0 a.m.6 views

Nextcloud Mail 信息泄露漏洞

Nextcloud Mail is an email from Nextcloud Germany. An information disclosure vulnerability exists in Nextcloud Mail. An attacker who exploits this vulnerability by registering autoconfig.tld will have the email details used sent to the attacker's server...

8.2CVSS6AI score0.00698EPSS
Exploits0References4
Malwarebytes
Malwarebytes
added 2022/12/21 2:0 a.m.21 views

Millions of Gemini cryptocurrency exchange user details leaked

If youre a user of the Gemini cryptocurrency exchange, its time to be on your guard against phishing attacks. Gemini says its own systems have not been compromised, but an unnamed third party has become the focal point for a breach. On December 13 or some point before, rogues gained access to jus...

6.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/05/14 1:28 a.m.38 views

Improper Input Validation Apache Commons Email

If a user of Apache Commons Email typically an application programmer passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details recipients, contents, etc. might be manipulated. Mitigation: Users should upgrade to Commons-Email 1.5. You...

7.5CVSS2.8AI score0.02863EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/06/26 2:29 p.m.5 views

CVE-2018-0557

Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors...

6.1CVSS5.9AI score0.00809EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/05/22 6:26 a.m.4 views

Multiple cross-site scripting vulnerabilities in Cybozu Mailwise

Overview Cybozu Mailwise contains multiple cross-site scripting vulnerabilities below. Stored cross-site scripting vulnerability in "E-mail Details Screen" CWE-79 - CVE-2018-0557 Reflected cross-site scripting vulnerability in "System settings" CWE-79 - CVE-2018-0558 Reflected cross-site scriptin...

6.1CVSS6AI score0.00809EPSS
Exploits0References11
CNVD
CNVD
added 2018/05/22 12:0 a.m.3 views

Cybozu Mailwise Cross-Site Scripting Vulnerability

Cybozu Mailwise is a Web-based e-mail system from Cybozu, and E-mail Details Screen is one of the components for viewing e-mail details. A cross-site scripting vulnerability exists in E-mail Details Screen in Cybozu Mailwise versions 5.0.0 through 5.4.1. A remote attacker can use this vulnerabili...

6.1CVSS6AI score0.00809EPSS
Exploits0References1
Rows per page
Query Builder