Lucene search
K

6 matches found

Snyk
Snyk
added 2025/10/15 5:39 p.m.4 views

Inadequate Encryption Strength

Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...

8.2CVSS6.6AI score0.00681EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2021/09/20 7:52 p.m.27 views

Remote command injection when using sendmail email transport

Impact Sites using the sendmail transport as part of their mail config are vulnerable to remote command injection due to a vulnerability in the nodemailer dependency. Ghost defaults to the direct transport so this is only exploitable if the sendmail transport is explicitly used. Patches Fixed in...

0.6AI score
Exploits0References4Affected Software1
OSV
OSV
added 2021/09/20 7:52 p.m.13 views

GHSA-WFRJ-QQC2-83CM Remote command injection when using sendmail email transport

Impact Sites using the sendmail transport as part of their mail config are vulnerable to remote command injection due to a vulnerability in the nodemailer dependency. Ghost defaults to the direct transport so this is only exploitable if the sendmail transport is explicitly used. Patches Fixed in...

5.8CVSS7.7AI score
Exploits0References4
CNVD
CNVD
added 2021/07/13 12:0 a.m.39 views

Unauthorized Access Vulnerability in PowerMTA

PowerMTA is an enterprise-class email transport agent MTA for sending high-volume and mission-critical email. An unauthorized access vulnerability exists in PowerMTA. An attacker could exploit the vulnerability to obtain sensitive information, modify configuration, etc...

6.8AI score
Exploits0
CNVD
CNVD
added 2020/01/13 12:0 a.m.2 views

Arbitrary File Read Vulnerability in PowerMTA

PowerMTA is an enterprise-class email transport agent MTA for sending high-volume and mission-critical email. An arbitrary file read vulnerability exists in PowerMTA. An attacker can exploit the vulnerability to obtain arbitrary files...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2012/05/11 2:35 p.m.15 views

New .Secure Global TLD Proposed

A group of security experts is working to put together a new global TLD that will require companies and individuals applying for domains to adhere to strict security policies and requirements. The proposed .secure TLD is intended to be a known safe group of domains and would include mandatory use...

8.2AI score
Exploits0
Rows per page
Query Builder