43 matches found
EUVD-2007-3158
Malware in sbrugna...
EUVD-2018-6275
Malware in sbrugna...
EUVD-2023-28009
Malicious code in bioql PyPI...
Denial Of Service (DoS)
net-imap is vulnerable to Denial Of Service DoS. The vulnerability is due to memory exhaustion due to automatic and unchecked memory allocation when handling large 'literal' byte counts in server responses from untrusted IMAP servers...
RHEL 5 : mutt (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mutt: buffer overflow via base64 data CVE-2018-14359 - An issue was discovered in Mutt before 1.10.1 and...
USN-6654-1: Roundcube Webmail vulnerability
It was discovered that Roundcube Webmail incorrectly sanitized characters in the linkrefs text messages. An attacker could possibly use this issue to execute a cross-site scripting XSS attack. CVE-2023-43770...
U.S. Internet Leaked Years of Internal, Customer Emails
The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishi...
[SECURITY] [DLA 3630-1] roundcube security update
Debian LTS Advisory DLA-3630-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin October 24, 2023 https://wiki.debian.org/LTS Package : roundcube Version : 1.3.17+dfsg.1-1deb10u4 CVE ID : CVE-2023-5631 Debian Bug : 1054079 Denys Klymenko discovered a cross-site...
Debian: Security Advisory (DSA-5531-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-537-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-737-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-3657
A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large =2GiB IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for...
Debian: Security Advisory (DSA-5013-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 31 : roundcubemail (2020-b1e023936e)
RELEASE 1.4.8 - Security: Fix potential XSS issue in HTML editor of the identity signature input 7507 - Managesieve: Fix too-small input field in Elastic when using custom headers 7498 - Fix support for an error as a string in messagebeforesend hook 7475 - Elastic: Fix redundant scrollbar in plai...
Fedora 32 : roundcubemail (2020-d0f8f20cfc)
RELEASE 1.4.8 - Security: Fix potential XSS issue in HTML editor of the identity signature input 7507 - Managesieve: Fix too-small input field in Elastic when using custom headers 7498 - Fix support for an error as a string in messagebeforesend hook 7475 - Elastic: Fix redundant scrollbar in plai...
[SECURITY] [DSA 4720-1] roundcube security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4720-1 [email protected] https://www.debian.org/security/ Sebastien Delafond July 08, 2020 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4674-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.04 / MAIN 5.04 : mutt Multiple Vulnerabilities (NS-SA-2019-0038)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has mutt packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquot...
Debian DSA-4344-1 : roundcube - security update
Aidan Marlin discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling invalid style tag content. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
mutt: Remote Code Execution via backquote characters
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription...