CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2025/09/19 8:15 a.m.•1 views

CVE-2025-7702

4.7CVSS0.00032EPSS

Cvelist•added 2025/09/19 7:58 a.m.•6 views

CVE-2025-7702 Open Redirect in PUSULA's Manageable Email Sending System

4.7CVSS0.00032EPSS

CVE•added 2025/09/19 7:58 a.m.•9 views

CVE-2025-7702

CVE-2025-7702 describes an open redirect in Pusula Communication Information Internet Industry and Trade Ltd. Co. Manageable Email Sending System. The issue allows exploitation of client trust via URL redirection to an untrusted site, affecting versions up to 2025.06 and prior to 2025.08.06. The ...

4.7CVSS6.4AI score0.00032EPSS

Schneier on Security•added 2024/01/29 12:3 p.m.•12 views

Microsoft Executives Hacked

Microsoft is reporting that a Russian intelligence agency--the same one responsible for SolarWinds--accessed the email system of the companys executives. Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and ga...

7.3AI score

Openbugbounty•added 2022/01/31 9:58 a.m.•7 views

mail.vasarnapisnyitva.eu Cross Site Scripting vulnerability OBB-2351572

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score

CNVD•added 2022/01/25 12:0 a.m.•25 views

libspf2 buffer overflow vulnerability (CNVD-2022-19089)

libspf2 is a library that allows email systems such as Sendmail, Postfix, Exim, Zmailer, and MS Exchange to check SPF records and ensure that email is authorized from its domain. This prevents email forgery commonly used by spammers, scammers and email viruses/worms. libspf2 suffers from a buffer...

9.8CVSS5.5AI score0.01346EPSS

Exploits1References1

ThreatPost•added 2021/10/26 4:50 p.m.•28 views

Attackers Hijack Craigslist Emails to Bypass Security, Deliver Malware

Musical instruments, motorcycle parts and now malware — Craigslist really does have it all. The Craigslist internal email system was hijacked by attackers this month to deliver convincing messages, ultimately aimed at avoiding Microsoft Office security controls in order to deliver malware. Sent...

7AI score

Exploits0References5

CNVD•added 2021/04/23 12:0 a.m.•2 views

Unauthorized Access Vulnerability in eYou Email System

eYou email system is a powerful email system software with independent intellectual property rights, developed by EYou. An unauthorized access vulnerability exists in the eYou email system, which can be exploited by attackers to obtain sensitive information...

6.8AI score

CNVD•added 2021/04/23 12:0 a.m.•0 views

Command Execution Vulnerability in eYou Email System

eYou email system is a powerful email system software with independent intellectual property rights, developed by EYou. A command execution vulnerability exists in the eYou email system, which can be exploited by an attacker to gain control of the server...

CNVD•added 2021/04/22 12:0 a.m.•49 views

Command Execution Vulnerability in the ghost plugin of YMail Email System

E-Mail Email System is a mail system software developed by E-Mail. A command execution vulnerability exists in the ghost plugin of YMS Email System, which can be exploited by attackers to gain control of the server...

CNVD•added 2021/04/22 12:0 a.m.•2 views

Command execution vulnerability in the eYou email system (CNVD-2021-32387)

eYou e-mail system is a mail system software with independent intellectual property rights, independently developed by Beijing Yizhong Post Information Technology Co. There is a command execution vulnerability in the eYou email system, which can be exploited by an attacker to gain server control...

seebug.org•added 2021/04/12 12:0 a.m.•18 views

亿邮电子邮件系统远程命令执行漏洞（CNVD-2021-26422）

...

0.8AI score

CNVD•added 2021/04/10 12:0 a.m.•6 views

Remote Command Execution Vulnerability in E-Mail Email System

YZP is a professional mail system software and total solution provider. The remote command execution vulnerability in the YZP email system can be exploited by an attacker to achieve remote command execution without authorization and gain access to the target server...

CNVD•added 2020/11/27 12:0 a.m.•5 views

Coremail XT Cross-Site Scripting Vulnerability

Coremail XT is a set of enterprise-class mail system from China Yingshi Computer Technology Company. The system supports sending and receiving emails, enterprise address book, enterprise cloud disk and schedule synchronization. A cross-site scripting vulnerability exists in jsp/upload.jsp in...

6.1CVSS6.1AI score0.00768EPSS

CNVD•added 2020/08/12 12:0 a.m.•3 views

CyberMail Open Redirect Vulnerability

CyberMail is an e-mail system from CyberSolutions Japan. CyberMail suffers from an open redirection vulnerability. No detailed vulnerability details are available at this time...

6.1CVSS7AI score0.00555EPSS