25 matches found
CVE-2019-20491
cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions SEC-508...
EUVD-2019-11035
Malware in sbrugna...
EUVD-2016-5049
Malware in sbrugna...
EUVD-2023-30254
Malicious code in bioql PyPI...
EUVD-2023-30253
Malicious code in bioql PyPI...
CVE-2023-26434
When adding an external mail account, processing of POP3 "capabilities" responses are not limited to plausible sizes. Attacker with access to a rogue POP3 service could trigger requests that lead to excessive resource usage and eventually service unavailability. We now limit accepted POP3 server...
CVE-2019-20491
cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions SEC-508...
CVE-2019-20491
cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions SEC-508...
CVE-2019-20491
CVE-2019-20491 concerns cPanel prior to 82.0.18 where an attacker can leverage virtual mail accounts to bypass account suspensions (SEC-508). This is the explicit vulnerability described in multiple sources. The linked Red Hat/CNVD/etc. entries corroborate the same issue. Impact is that a bypass ...
CVE-2016-4046
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts and ports to API calls. Depending on the response typ...
Debian Security Advisory DSA 3132-1 (icedove - security update)
Multiple security issues have been found in Icedove, Debian OpenVAS Vulnerability Test $Id: deb3132.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3132-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2015 Greenbone Networks GmbH...
Debian Security Advisory DSA 2960-1 (icedove - security update)
Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service. OpenVAS Vulnerability Test $Id: deb2960.nasl 6724 2017-07-14...
Mac OS X 10.x < 10.9 Multiple Vulnerabilities (BEAST)
The remote host is running a version of Mac OS X 10.x that is prior to version 10.9. The newer version contains multiple security-related fixes for the following components : - Application Firewall - App Sandbox - Bluetooth - CFNetwork - CFNetwork SSL - Console - CoreGraphics - curl - dyld -...
Passwords of configured SMTP mail accounts are stored in cleartext
Passwords for configured mail accounts are stored in clear text in the database as can be seen e.g. by: code SELECT FROM BANDANA WHERE BANDANAKEY = 'atlassian.confluence.space.mailaccounts'; code Even when being an admin I should NOT be able to read-out other users email account password! This...
Passwords of configured SMTP mail accounts are stored in cleartext
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-29534. panel Passwords for configured mail accounts are stored in clear text in the database as can be seen e.g. by: code SELECT...
A virus specialized for AutoCAD, a perfect cyber espionage tool
A virus specialized for AutoCAD, a perfect cyber espionage tool In recent years we are assisting to a profoundly change in the nature of malware, it is increased the development for spy purposes, for its spread in both private and government sectors. The recent case of Flame malware has...
Iran replacing Google, Hotmail with its own internal search engines and email services
Iran replacing Google, Hotmail with its own internal search engines and email services Iran has denied the report that it plans to cut itself off from the Internet. In a statement, the ministry said "The report is in no way confirmed by the ministry". It added that it was "completely baseless," a...
Cybergangs use cheap labor to break codes on social sites
From USA Today Byron Acohido It’s become the new front in cybercrime: scams and identity-theft programs that attack e-mail accounts and users of social-networking sites such as Facebook and MySpace. To carry out many of these automated attacks, cybercriminals first must overcome “captchas,” the...
CVE-2008-6674
mailPage.asp in QuickerSite 1.8.5 allows remote attackers to flood e-mail accounts with messages via a large number of requests with a modified sEmail parameter...
CVE-2008-6674
mailPage.asp in QuickerSite 1.8.5 allows remote attackers to flood e-mail accounts with messages via a large number of requests with a modified sEmail parameter...