63 matches found
EUVD-2017-18535
Malware in sbrugna...
EUVD-2014-8708
Malware in sbrugna...
EUVD-2019-2526
Malware in sbrugna...
EUVD-2020-7925
Malware in sbrugna...
EUVD-2020-4220
Malware in sbrugna...
EUVD-2021-24826
Malware in sbrugna...
EUVD-2000-0480
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-11880
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in KDE KMail before 19.12.3. By using the proprietary non-RFC6068 mailto?attach=... parameter, a website or other source of mailto links...
Linux Distros Unpatched Vulnerability : CVE-2021-38373
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In KDE KMail 19.12.3 aka 5.13.3, the SMTP STARTTLS option is not honored and cleartext messages are sent unless Server requires authentication is checked...
Linux Distros Unpatched Vulnerability : CVE-2020-15954
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KDE KMail 19.12.3 aka 5.13.3 engages in unencrypted POP3 communication during times when the UI indicates that encryption is in use. CVE-2020-15954 Note that...
Linux Distros Unpatched Vulnerability : CVE-2017-9604
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs...
Linux Distros Unpatched Vulnerability : CVE-2014-8878
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KDE KMail does not encrypt attachments in emails when automatic encryption is enabled, which allows remote attackers to obtain sensitive information by sniffing...
CVE-2024-50624
ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com or http://example.com/.well-known/autoconfig for retrieving the configuration. This is...
CVE-2024-50624
ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com or http://example.com/.well-known/autoconfig for retrieving the configuration. This is...
CVE-2024-50624
ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com or http://example.com/.well-known/autoconfig for retrieving the configuration. This is...
CVE-2024-50624
ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com or http://example.com/.well-known/autoconfig for retrieving the configuration. This is...
CVE-2024-50624
ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com or http://example.com/.well-known/autoconfig for retrieving the configuration. This is...
PT-2024-34364
Name of the Vulnerable Software and Affected Versions: KDE Kmail versions prior to 6.2.0 Description: The issue allows man-in-the-middle attackers to trigger the use of an attacker-controlled mail server. This is because cleartext HTTP is used for retrieving configuration from URLs such as...
RHEL 7 : kdepim (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kmail: Send Later with Delay bypasses OpenPGP CVE-2017-9604 - KDE KMail does not encrypt attachments in...
RHEL 6 : kdepim (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kmail: Send Later with Delay bypasses OpenPGP CVE-2017-9604 - KDE KMail does not encrypt attachments in...