Lucene search
K

75 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:54 a.m.8 views

CVE-2021-41083

Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc, that - when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any...

8.8CVSS7AI score0.00392EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/16 6:44 p.m.3 views

CVE-2025-62425 Matrix Authentication Service account password can be changed using an authenticated session without supplying the current password

MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...

8.3CVSS6.4AI score0.00427EPSS
Exploits0References2
OSV
OSV
added 2025/10/16 6:44 p.m.5 views

CVE-2025-62425 Matrix Authentication Service account password can be changed using an authenticated session without supplying the current password

MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...

8.3CVSS6.8AI score0.00427EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-1429

Malware in sbrugna...

3.5CVSS6.4AI score0.00773EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-0544

Malware in sbrugna...

5CVSS6.4AI score0.02223EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-1141

Malware in sbrugna...

5.4CVSS5.6AI score0.00526EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-13418

Malware in sbrugna...

3.3CVSS4.2AI score0.00343EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-4085

Malware in sbrugna...

2.1CVSS6.4AI score0.00366EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-52432

Malicious code in bioql PyPI...

8CVSS7.9AI score0.00675EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-52431

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00596EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-52433

Malicious code in bioql PyPI...

6.5CVSS6.7AI score0.00617EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-52434

Malicious code in bioql PyPI...

6.5CVSS6.7AI score0.00617EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:6 p.m.5 views

CVE-2021-37693

Discourse is an open-source platform for community discussion. In Discourse before versions 2.7.8 and 2.8.0.beta4, when adding additional email addresses to an existing account on a Discourse site an email token is generated as part of the email verification process. Deleting the additional email...

7.5CVSS6.7AI score0.00833EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:48 a.m.13 views

CVE-2011-4142

The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files...

2.1CVSS6.2AI score0.00366EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/05/06 12:0 a.m.4 views

The vulnerability of the Apache James deployment and corporate email management software lies in its insufficient validation of input data, allowing attackers to trigger service failures.

The vulnerability of the Apache James software for deploying and managing corporate email is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures...

8.6CVSS5.5AI score0.00802EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploit
added 2024/08/21 4:14 a.m.163 views

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This co...

10CVSS9.2AI score0.94955EPSS
Exploits16
GithubExploit
GithubExploit
added 2024/01/23 10:37 a.m.261 views

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This co...

10CVSS9.2AI score0.94955EPSS
Exploits16
GithubExploit
GithubExploit
added 2024/01/12 6:29 p.m.455 views

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This co...

10CVSS9.2AI score0.94955EPSS
Exploits16
NVD
NVD
added 2023/12/15 9:15 a.m.22 views

CVE-2023-48382

Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access...

6.5CVSS0.00617EPSS
Exploits0References1
NVD
NVD
added 2023/12/15 9:15 a.m.17 views

CVE-2023-48380

Softnext Mail SQR Expert is an email management platform, it has insufficient filtering for a special character within a spcific function. A remote attacker authenticated as a localhost can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command,...

8CVSS0.00675EPSS
Exploits0References1
Rows per page
Query Builder