36 matches found
CVE-2021-1730
A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user. This update addresses this vulnerability. To prevent these types of attacks, Microsoft recommends customers to download inline images from...
openSUSE Security Update : roundcubemail (openSUSE-2020-1516)
This update for roundcubemail fixes the following issues : roundcubemail was upgraded to 1.3.15 This is a security update to the LTS version 1.3. boo1175135 - Security: Fix cross-site scripting XSS via HTML messages with malicious svg content CVE-2020-16145 - Security: Fix cross-site scripting XS...
Fedora 31 : roundcubemail (2020-5352732865)
RELEASE 1.4.7 - Fix bug where subfolders of special folders could have been duplicated on folder list - Increase maximum size of contact jobtitle and department fields to 128 characters - Fix missing newline after the logged line when writing to stdout 7418 - Elastic: Fix context menu paste on th...
CVE-2020-1766 Improper handling of uploaded inline images
Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: OTRS Community Edition 5.0.x version 5.0.39 and prior...
openSUSE Security Update : MozillaThunderbird (openSUSE-2017-955)
This update for MozillaThunderbird to version 52.3 fixes security issues and bugs. The following vulnerabilities were fixed : - CVE-2017-7798: XUL injection in the style editor in devtools - CVE-2017-7800: Use-after-free in WebSockets during disconnection - CVE-2017-7801: Use-after-free with...
Security update for MozillaThunderbird (important)
This update for MozillaThunderbird to version 52.3 fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2017-7798: XUL injection in the style editor in devtools - CVE-2017-7800: Use-after-free in WebSockets during disconnection - CVE-2017-7801: Use-after-free with marqu...
[SECURITY] Fedora 25 Update: gd-2.2.3-5.fc25
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the...
Open-Xchange App Suite 7.8.2 Cross Site Scripting
Product: OX App Suite Vendor: OX Software GmbH Internal reference: 46484 Bug ID Vulnerability type: Cross Site Scripting CWE-80 Vulnerable version: 7.8.2 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.6.2-rev46, 7.6.3-rev1...
[SECURITY] Fedora 24 Update: w3m-0.5.3-24.fc24
The w3m program is a pager or text file viewer that can also be used as a text-mode Web browser. W3m features include the following: when reading an HTML document, you can follow links and view images using an external image viewer; its internet message mode determines the type of document from t...
CVE-2014-8839
Spotlight in Apple OS X before 10.10.2 does not enforce the Mail "Load remote content in messages" configuration, which allows remote attackers to discover recipient IP addresses by including an inline image in an HTML e-mail message and logging HTTP requests for this image's URL...
[SECURITY] Fedora 21 Update: gd-2.1.0-8.fc21
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the...
OTRS < 2.4.7 AgentTicketForward Information Disclosure Vulnerability
Open Ticket Request System OTRS is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Pidgin MXit Message Parsing Buffer Overflow Vulnerability - Windows
Pidgin is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-4766
The AgentTicketForward feature in Open Ticket Request System OTRS before 2.4.7 does not properly remove inline images from HTML e-mail messages, which allows remote attackers to obtain potentially sensitive image information in opportunistic circumstances by reading a forwarded message in a...
DEBIAN-CVE-2010-4766
The AgentTicketForward feature in Open Ticket Request System OTRS before 2.4.7 does not properly remove inline images from HTML e-mail messages, which allows remote attackers to obtain potentially sensitive image information in opportunistic circumstances by reading a forwarded message in a...
Fedora Update for w3m FEDORA-2007-077
Check for the Version of w3m OpenVAS Vulnerability Test Fedora Update for w3m FEDORA-2007-077 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...