Lucene search
K

255 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-43920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands...

8.1CVSS6AI score0.00493EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 3: mailman:2.1 (TSSA-2022:0093)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0093 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

6.5CVSS6.7AI score0.02698EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 6:44 p.m.7 views

CVE-2021-40347

An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker logged into any account can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place...

5.5CVSS6.5AI score0.01176EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.9 views

Alibaba Cloud Linux 3 : 0194: mailman:2.1 (ALINUX3-SA-2022:0194)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0194 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-42096: GNU Mailman before 2.1.35...

8.8CVSS6.7AI score0.01289EPSS
Exploits0References4
CNVD
CNVD
added 2025/04/28 12:0 a.m.5 views

GNU Mailman Directory Traversal Vulnerability (CNVD-2025-09675)

GNU Mailman is a free suite of software for managing email discussions and email lists from the GNU community in the United States. GNU Mailman suffers from a directory traversal vulnerability that originates from a directory traversal that results in arbitrary file reads. An attacker could use t...

7.5CVSS7.2AI score0.01403EPSS
Exploits3References1
CNVD
CNVD
added 2025/04/28 12:0 a.m.5 views

GNU Mailman Unauthorized List Creation Vulnerability (CNVD-2025-09676)

GNU Mailman is a free suite of software for managing e-mail discussions and e-mail lists from the American GNU community. An unauthorized list creation vulnerability exists in GNU Mailman, which stems from unauthorized creation of lists and could lead to resource abuse. No details of the...

5.3CVSS6.9AI score0.00379EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/26 1:23 a.m.23 views

CVE-2025-43920

GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...

8.1CVSS6.8AI score0.00493EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/04/26 1:23 a.m.23 views

CVE-2025-43919

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman aka the private archive authentication endpoint via the username parameter. NOTE: multiple third parties report that they are unable t...

7.5CVSS6.3AI score0.01403EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/04/26 1:19 a.m.27 views

CVE-2025-43921

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...

5.3CVSS5.2AI score0.00379EPSS
Exploits1References1
CNVD
CNVD
added 2025/04/25 12:0 a.m.7 views

GNU Mailman Command Injection Vulnerability

GNU Mailman is a mailing list management software commonly used to create, manage and maintain mailing lists. A command injection vulnerability exists in GNU Mailman. The vulnerability stems from a failure to properly filter shell metacharacters in the subject line of an email message. An attacke...

8.1CVSS8.2AI score0.00493EPSS
Exploits2References1
SUSE CVE
SUSE CVE
added 2025/04/23 2:37 a.m.7 views

SUSE CVE-2025-43920

GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...

8.1CVSS7.9AI score0.00493EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2025/04/23 2:37 a.m.5 views

SUSE CVE-2025-43921

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...

5.3CVSS7.2AI score0.00379EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2025/04/22 4:55 a.m.974 views

Exploit for Path Traversal in Gnu Mailman

🚨 CVE-2025-43919: Directory Traversal in GNU Mailman 2.1.39...

7.5CVSS7.7AI score0.01403EPSS
Exploits3
NVD
NVD
added 2025/04/20 1:15 a.m.63 views

CVE-2025-43921

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...

5.3CVSS0.00379EPSS
Exploits1References4
NVD
NVD
added 2025/04/20 1:15 a.m.24 views

CVE-2025-43920

GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...

8.1CVSS0.00493EPSS
Exploits2References4
NVD
NVD
added 2025/04/20 1:15 a.m.28 views

CVE-2025-43919

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman aka the private archive authentication endpoint via the username parameter. NOTE: multiple third parties report that they are unable t...

7.5CVSS0.01403EPSS
Exploits3References4
OSV
OSV
added 2025/04/20 1:15 a.m.5 views

CVE-2025-43920

GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...

8.1CVSS6.1AI score0.00493EPSS
Exploits2References4
OSV
OSV
added 2025/04/20 1:15 a.m.1 views

UBUNTU-CVE-2025-43919

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman aka the private archive authentication endpoint via the username parameter. NOTE: multiple third parties report that they are unable t...

7.5CVSS5.9AI score0.01403EPSS
Exploits3References4
OSV
OSV
added 2025/04/20 1:15 a.m.2 views

UBUNTU-CVE-2025-43921

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...

5.3CVSS5.8AI score0.00379EPSS
Exploits1References4
OSV
OSV
added 2025/04/20 1:15 a.m.3 views

UBUNTU-CVE-2025-43920

GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...

8.1CVSS6.1AI score0.00493EPSS
Exploits2References4
Rows per page
Query Builder