Lucene search
K

36 matches found

OSV
OSV
added 2021/02/25 11:15 p.m.2 views

CVE-2021-1730

A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user. This update addresses this vulnerability. To prevent these types of attacks, Microsoft recommends customers to download inline images from...

5.4CVSS6.8AI score0.01817EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/09/30 12:0 a.m.51 views

openSUSE Security Update : roundcubemail (openSUSE-2020-1516)

This update for roundcubemail fixes the following issues : roundcubemail was upgraded to 1.3.15 This is a security update to the LTS version 1.3. boo1175135 - Security: Fix cross-site scripting XSS via HTML messages with malicious svg content CVE-2020-16145 - Security: Fix cross-site scripting XS...

9.8CVSS7.8AI score0.84456EPSS
Exploits4References14
Tenable Nessus
Tenable Nessus
added 2020/07/15 12:0 a.m.17 views

Fedora 31 : roundcubemail (2020-5352732865)

RELEASE 1.4.7 - Fix bug where subfolders of special folders could have been duplicated on folder list - Increase maximum size of contact jobtitle and department fields to 128 characters - Fix missing newline after the logged line when writing to stdout 7418 - Elastic: Fix context menu paste on th...

5.1AI score
Exploits0References1
Cvelist
Cvelist
added 2020/01/10 3:8 p.m.30 views

CVE-2020-1766 Improper handling of uploaded inline images

Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: OTRS Community Edition 5.0.x version 5.0.39 and prior...

2CVSS6.8AI score0.01273EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2017/08/21 12:0 a.m.32 views

openSUSE Security Update : MozillaThunderbird (openSUSE-2017-955)

This update for MozillaThunderbird to version 52.3 fixes security issues and bugs. The following vulnerabilities were fixed : - CVE-2017-7798: XUL injection in the style editor in devtools - CVE-2017-7800: Use-after-free in WebSockets during disconnection - CVE-2017-7801: Use-after-free with...

10CVSS7.3AI score0.04187EPSS
Exploits12References17
OPENSUSE Linux
OPENSUSE Linux
added 2017/08/18 3:7 p.m.326 views

Security update for MozillaThunderbird (important)

This update for MozillaThunderbird to version 52.3 fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2017-7798: XUL injection in the style editor in devtools - CVE-2017-7800: Use-after-free in WebSockets during disconnection - CVE-2017-7801: Use-after-free with marqu...

9.8AI score0.04187EPSS
Exploits12References1
Fedora
Fedora
added 2016/12/09 10:31 p.m.29 views

[SECURITY] Fedora 25 Update: gd-2.2.3-5.fc25

The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the...

9.8CVSS2.8AI score0.05101EPSS
Exploits0
Packet Storm
Packet Storm
added 2016/09/13 12:0 a.m.43 views

Open-Xchange App Suite 7.8.2 Cross Site Scripting

Product: OX App Suite Vendor: OX Software GmbH Internal reference: 46484 Bug ID Vulnerability type: Cross Site Scripting CWE-80 Vulnerable version: 7.8.2 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.6.2-rev46, 7.6.3-rev1...

6.3AI score0.04274EPSS
Exploits4
Fedora
Fedora
added 2016/04/18 5:40 p.m.12 views

[SECURITY] Fedora 24 Update: w3m-0.5.3-24.fc24

The w3m program is a pager or text file viewer that can also be used as a text-mode Web browser. W3m features include the following: when reading an HTML document, you can follow links and view images using an external image viewer; its internet message mode determines the type of document from t...

0.2AI score
Exploits0
Cvelist
Cvelist
added 2015/01/30 11:0 a.m.25 views

CVE-2014-8839

Spotlight in Apple OS X before 10.10.2 does not enforce the Mail "Load remote content in messages" configuration, which allows remote attackers to discover recipient IP addresses by including an inline image in an HTML e-mail message and logging HTTP requests for this image's URL...

3.5AI score0.021EPSS
Exploits0References6
Fedora
Fedora
added 2015/01/19 1:34 a.m.37 views

[SECURITY] Fedora 21 Update: gd-2.1.0-8.fc21

The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the...

4.3CVSS2.8AI score0.22319EPSS
Exploits3
OpenVAS
OpenVAS
added 2013/09/22 12:0 a.m.25 views

OTRS < 2.4.7 AgentTicketForward Information Disclosure Vulnerability

Open Ticket Request System OTRS is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS6.3AI score0.01092EPSS
Exploits1
OpenVAS
OpenVAS
added 2012/10/19 12:0 a.m.17 views

Pidgin MXit Message Parsing Buffer Overflow Vulnerability - Windows

Pidgin is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.06402EPSS
Exploits2References4
OSV
OSV
added 2011/03/18 4:55 p.m.10 views

CVE-2010-4766

The AgentTicketForward feature in Open Ticket Request System OTRS before 2.4.7 does not properly remove inline images from HTML e-mail messages, which allows remote attackers to obtain potentially sensitive image information in opportunistic circumstances by reading a forwarded message in a...

6AI score
Exploits0References2
OSV
OSV
added 2011/03/18 4:55 p.m.3 views

DEBIAN-CVE-2010-4766

The AgentTicketForward feature in Open Ticket Request System OTRS before 2.4.7 does not properly remove inline images from HTML e-mail messages, which allows remote attackers to obtain potentially sensitive image information in opportunistic circumstances by reading a forwarded message in a...

4.3CVSS6.5AI score0.01092EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.11 views

Fedora Update for w3m FEDORA-2007-077

Check for the Version of w3m OpenVAS Vulnerability Test Fedora Update for w3m FEDORA-2007-077 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...

7.4AI score
Exploits0References2
Rows per page
Query Builder