CVE-2021-41083

Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc, that - when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any...

CVE-2025-62425 Matrix Authentication Service account password can be changed using an authenticated session without supplying the current password

MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...

CVE-2025-62425 Matrix Authentication Service account password can be changed using an authenticated session without supplying the current password

MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...

EUVD-2011-1429

Malware in sbrugna...

EUVD-2015-0544

Malware in sbrugna...

EUVD-2011-4085

Malware in sbrugna...

EUVD-2019-1141

Malware in sbrugna...

EUVD-2018-13418

Malware in sbrugna...

EUVD-2023-52432

Malicious code in bioql PyPI...

EUVD-2023-52434

Malicious code in bioql PyPI...

EUVD-2023-52433

Malicious code in bioql PyPI...

EUVD-2023-52431

Malicious code in bioql PyPI...

CVE-2021-37693

Discourse is an open-source platform for community discussion. In Discourse before versions 2.7.8 and 2.8.0.beta4, when adding additional email addresses to an existing account on a Discourse site an email token is generated as part of the email verification process. Deleting the additional email...

CVE-2011-4142

The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files...

The vulnerability of the Apache James deployment and corporate email management software lies in its insufficient validation of input data, allowing attackers to trigger service failures.

The vulnerability of the Apache James software for deploying and managing corporate email is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures...

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This co...

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This co...

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This co...

CVE-2023-48380

Softnext Mail SQR Expert is an email management platform, it has insufficient filtering for a special character within a spcific function. A remote attacker authenticated as a localhost can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command,...

CVE-2023-48382

Softnext Mail SQR Expert is an email management platform, it has a Local File Inclusion LFI vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access...