62 matches found
EUVD-2008-3662
Malware in sbrugna...
EUVD-2013-5411
Malware in sbrugna...
EUVD-2025-22113
Malicious code in bioql PyPI...
EUVD-2025-22112
Malicious code in bioql PyPI...
EUVD-2025-22115
Malicious code in bioql PyPI...
CVE-2025-52373
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file...
CVE-2025-52374
Use of hardcoded cryptographic key in Encryption.cs in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords to other servers from hMailAdmin.exe.config file to access other hMailServer admin consoles with configured connections...
CVE-2025-52372
An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components...
Use of Weak Hash
Overview Affected versions of this package are vulnerable to Use of Weak Hash via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components. A local attacker can access sensitive information by reading these files to obtain an administrator password and running it...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key via the use of hardcoded cryptographic key in Encryption.cs. A local attacker can obtain decrypted credentials to other servers from hMailAdmin.exe.config file and access other hMailServer admin...
CVE-2025-52374
Use of hardcoded cryptographic key in Encryption.cs in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords to other servers from hMailAdmin.exe.config file to access other hMailServer admin consoles with configured connections...
CVE-2025-52372
An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components...
CVE-2025-52372
An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components...
CVE-2025-52373
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file...
CVE-2025-52373
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file...
PT-2025-30301 · Unknown · Hmailserver
Name of the Vulnerable Software and Affected Versions: hMailServer versions 5.6.9-beta hMailServer versions 5.8.6 Description: The software contains a hardcoded cryptographic key in the BlowFish.cpp file. This allows an attacker to decrypt passwords used in database connections from the...
CVE-2025-52374
Use of hardcoded cryptographic key in Encryption.cs in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords to other servers from hMailAdmin.exe.config file to access other hMailServer admin consoles with configured connections...
CVE-2025-52373
The CVE-2025-52373 entry describes a vulnerability in hMailServer where a hardcoded cryptographic key in BlowFish.cpp affects versions 5.8.6 and 5.6.9-beta. This enables an attacker to decrypt passwords used for database connections from hMailServer.ini. The impact is disclosure of stored DB cred...
CVE-2025-52372
An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components...
PT-2025-30302 · Unknown · Hmailserver
Name of the Vulnerable Software and Affected Versions: hMailServer versions 5.6.9-beta through 5.8.6 Description: The software uses a hardcoded cryptographic key in the Encryption.cs file. This allows an attacker to decrypt passwords for other servers stored in the hMailAdmin.exe.config file,...