17 matches found
Discourse security vulnerabilities
Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Vulnerabilities exist in versions of Discourse prior to 3.5.4, as well as versions before 2025.11.2, 2025.12.1, and 2026.1.0...
CVE-2022-31263
app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail restrictions...
CVE-2020-10535
GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address...
EUVD-2015-4207
Malware in sbrugna...
BIT-GITLAB-2020-10535
GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address...
CVE-2022-31263
app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail restrictions...
CVE-2022-31263
app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail restrictions...
CVE-2022-31263
Summary: The CVE affects Mastodon prior to 3.5.0, specifically the file app/models/user.rb, which enables bypassing email-restriction checks. The issue is tied to the Mastodon version prior to 3.5.0 and is not described with exploit details in the provided documents. Root cause / impact: A bypass...
Mastodon 安全漏洞
Mastodon is an open source social networking server based on ActivityPub. A security vulnerability exists in app/models/user.rb in versions prior to Mastodon 3.5.0, which can be exploited by an attacker to bypass email restrictions...
PT-2022-20651 · Mastodon · Mastodon
Name of the Vulnerable Software and Affected Versions: Mastodon versions prior to 3.5.0 Description: The issue allows a bypass of e-mail restrictions in the app/models/user.rb file. Recommendations: For versions prior to 3.5.0, update to version 3.5.0 or later to resolve the issue...
CVE-2020-10535
GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address...
CVE-2020-10535
Removed by vendor...
Allow iOS MDM Exchange profile to be set as DEFAULT, and other iOS apps to interact with MAIL
Inform XenMobile Administrators how to allow iOS enrolled users the ability to set the MDM provisioned Exchange profile to be set as default mail account. Users may not see the Exchange account listed in the iOS Mail settings. Additionally users will not be able to send email with this account fr...
Privilege escalation
The anti-spam scanner on Cisco Email Security Appliance ESA devices 3.3.1-09, 7.5.1-gpl-022, and 8.5.6-074 allows remote attackers to bypass intended e-mail restrictions via a malformed DNS SPF record, aka Bug IDs CSCuu35853 and CSCuu37733...
Low: Red Hat Security Advisory: postfix security update
Updated postfix packages that include a security fix and two other bug fixes are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team Postfix is a Mail Transport Agent MTA, supporting LDAP, SMTP AUTH SASL, and...
CVE-2005-0337
Postfix 2.1.3, when /proc/net/ifinet6 is not available and permitmxbackup is enabled in smtpdrecipientrestrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname...
CVE-2005-0337
CVE-2005-0337 affects Postfix 2.1.3 where, if /proc/net/if_inet6 is unavailable and permit_mx_backup is enabled in smtpd_recipient_restrictions, remote attackers can bypass email restrictions and perform mail relaying by delivering to an IPv6 hostname. The issue is a flaw in the IPv6 handling pat...