10 matches found
EUVD-2023-53096
Malicious code in bioql PyPI...
EUVD-2025-21774
Malicious code in bioql PyPI...
CVE-2024-41960
mailcow: dockerized is an open source groupware/email suite based on docker. An authenticated admin user can inject a JavaScript payload into the Relay Hosts configuration. The injected payload is executed whenever the configuration page is viewed, enabling the attacker to execute arbitrary scrip...
CVE-2024-41960
CVE-2024-41960 affects mailcow: dockerized (Relay Hosts configuration). An authenticated admin can inject a JavaScript payload into the Relay Hosts config, and the payload executes in the user’s browser when the configuration page is viewed, enabling arbitrary script execution in the user context...
CVE-2024-41958 Two-Factor Authentication (2FA) Bypass in mailcow: dockerized
mailcow: dockerized is an open source groupware/email suite based on docker. A vulnerability has been discovered in the two-factor authentication (2FA) mechanism. This flaw allows an authenticated attacker to bypass the 2FA protection, enabling unauthorized access to other accounts that are otherwi...
CVE-2023-49077
Mailcow: dockerized is an open source groupware/email suite based on docker. A Cross-Site Scripting (XSS) vulnerability has been identified within the Quarantine UI of the system. This vulnerability poses a significant threat to administrators who utilize the Quarantine feature. An attacker can sen...
Cross site scripting
Mailcow: dockerized is an open source groupware/email suite based on docker. A Cross-Site Scripting (XSS) vulnerability has been identified within the Quarantine UI of the system. This vulnerability poses a significant threat to administrators who utilize the Quarantine feature. An attacker can sen...
CVE-2023-49077
CVE-2023-49077 affects Mailcow: dockerized. A Cross-Site Scripting (XSS) vulnerability exists in the Quarantine UI, whereby an attacker could leverage a crafted email to execute malicious JavaScript in an administrator’s browser. The issue is documented across multiple sources and has been patche...
CVE-2023-49077 mailcow-dockerized XSS Vulnerability in Quarantine UI Allows Unauthorized Access and Data Manipulation
Mailcow: dockerized is an open source groupware/email suite based on docker. A Cross-Site Scripting (XSS) vulnerability has been identified within the Quarantine UI of the system. This vulnerability poses a significant threat to administrators who utilize the Quarantine feature. An attacker can sen...
Debian DSA-1512-1 : evolution - format string attack
Ulf Harnhammar discovered that Evolution, the e-mail and groupware suite, had a format string vulnerability in the parsing of encrypted mail messages. If the user opened a specially crafted email message, code execution was possible. (C) Tenable Network Security, Inc. The...