37 matches found
CVE-2021-31864
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...
EUVD-2021-18739
Malware in sbrugna...
EUVD-2017-8036
Malware in sbrugna...
[SECURITY] Fedora 41 Update: exim-4.98.1-1.fc41
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
PT-2024-22152 · Postal · Postal
Name of the Vulnerable Software and Affected Versions: Postal versions less than 3.0.0 Description: The issue allows for SMTP Smuggling attacks, which may enable incoming e-mails to be spoofed. This could allow an incoming e-mail to be received by Postal, appearing to be from a server that a user...
BIT-REDMINE-2021-31864
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...
CVE-2021-31864
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...
CVE-2021-31864
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...
DEBIAN-CVE-2021-31864
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...
CVE-2021-31864
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...
Authentication flaw
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...
UBUNTU-CVE-2021-31864
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...
CVE-2021-31864
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...
CVE-2021-31864
CVE-2021-31864 affects Redmine: upstream versions pre-4.0.9, pre-4.1.3 (4.1.x), and pre-4.2.1 (4.2.x) are vulnerable to an access-restriction bypass via the incoming mail handler, allowing bypass of add_issue_notes permissions. Public sources confirm the issue and list affected releases; Debian L...
Redmine 安全特征问题漏洞
Redmine is a set of open source Web-based project management and defect tracking tools . The product provides project management , issue tracking and role-based access control and other features . A security feature issue vulnerability exists in Redmine versions prior to 4.0.9, 4.1.x series...
PT-2021-4569 · Redmine · Redmine
Name of the Vulnerable Software and Affected Versions: Redmine versions prior to 4.0.9 Redmine versions 4.1.x prior to 4.1.3 Redmine versions 4.2.x prior to 4.2.1 Description: The issue allows attackers to bypass the add issue notes permission requirement by leveraging the incoming mail handler...
[SECURITY] Fedora 30 Update: exim-4.92.3-1.fc30
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
[SECURITY] Fedora 29 Update: exim-4.92.2-1.fc29
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
CVE-2018-13387
The IncomingMailServers resource in Atlassian JIRA Server before version 7.6.7, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3 and from version 7.10.0 before version 7.10.2 allows remote attackers to inject arbitrary HTML ...
CVE-2017-18039
The IncomingMailServers resource in Atlassian Jira from version 6.2.1 before version 7.4.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the messagesThreshold parameter...