62 matches found
EUVD-2008-3662
Malware in sbrugna...
EUVD-2013-5411
Malware in sbrugna...
EUVD-2025-22113
Malicious code in bioql PyPI...
EUVD-2025-22115
Malicious code in bioql PyPI...
EUVD-2025-22112
Malicious code in bioql PyPI...
CVE-2025-52373
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file...
CVE-2025-52374
Use of hardcoded cryptographic key in Encryption.cs in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords to other servers from hMailAdmin.exe.config file to access other hMailServer admin consoles with configured connections...
CVE-2025-52372
An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components...
Use of Weak Hash
Overview Affected versions of this package are vulnerable to Use of Weak Hash via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components. A local attacker can access sensitive information by reading these files to obtain an administrator password and running it...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key via the use of hardcoded cryptographic key in Encryption.cs. A local attacker can obtain decrypted credentials to other servers from hMailAdmin.exe.config file and access other hMailServer admin...
CVE-2025-52374
Use of hardcoded cryptographic key in Encryption.cs in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords to other servers from hMailAdmin.exe.config file to access other hMailServer admin consoles with configured connections...
CVE-2025-52372
An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components...
CVE-2025-52373
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file...
CVE-2025-52373
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file...
CVE-2025-52372
An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components...
CVE-2025-52372
An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components...
CVE-2025-52373
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file...
CVE-2025-52373
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file...
CVE-2025-52374
Use of hardcoded cryptographic key in Encryption.cs in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords to other servers from hMailAdmin.exe.config file to access other hMailServer admin consoles with configured connections...
hMailServer 安全漏洞
hMailServer is an open source mail server from hMailServer Open Source. A security vulnerability exists in hMailServer version 5.8.6 and 5.6.9-beta, which stems from the use of a hard-coded key in Encryption.cs, which may lead to decryption of other server passwords...