EUVD-2025-3678

Malicious code in bioql PyPI...

CVE-2021-37708

Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a command injection vulnerability in mail agent settings. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin...

CVE-2025-24364 vaultwarden allows RCE in the admin panel

vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwardenrs. Attacker with authenticated access to the vaultwarden admin panel can execute arbitrary code in the system. The attacker could then change some settings to use sendmail as mail agent but adjus...

GHSA-XH55-2FQP-P775 Command injection in mail agent settings

Impact Command injection in mail agent settings Patches We recommend updating to the current version 6.4.3.1. You can get the update to 6.4.3.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6 Workarounds For older versions of...

Command injection in mail agent settings

Impact Command injection in mail agent settings Patches We recommend updating to the current version 6.4.3.1. You can get the update to 6.4.3.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6 Workarounds For older versions of...

CVE-2021-37708

Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a command injection vulnerability in mail agent settings. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin...

CVE-2021-37708

Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a command injection vulnerability in mail agent settings. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin...

Command injection

Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a command injection vulnerability in mail agent settings. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin...

CVE-2021-37708

Shopware is affected by a command injection vulnerability in the mail agent settings for versions prior to 6.4.3.1. The issue is fixed in 6.4.3.1, with workaround security measures available via a plugin for older series (6.1–6.3). Practical impact is a command injection in mail proxy/settings, a...

CVE-2021-37708 Command injection in mail agent settings

Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a command injection vulnerability in mail agent settings. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin...

Eremove mail agent buffer overflow

Buffer overflow on oversized message...

mutt mail agent buffer overflow

Buffer overflow on parsing IMAP server reply...

Evolution mail agent DoS

Large plain text message with large number of URL causes application to hang...

The Bat mail agent buffer overflow

Buffer overflow on oversied Subject field...

The Bat! mail agent headers spoofing

message/partial format alows to spoof message headers completely, making it impossible to track sender by Received or Message-ID headers...

Sylpheed mail agent buffer overflow

Buffer overflow on LDIF file parsing...

mutt mail agent buffer overflow

Buffer overflow on parsing messages from mailbox...

KMail mail agent signed content spoofing

Invalid HTML part handling allows to spoof signed text...

CVE-2003-0241

FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sends HTML to the default browser without setting its security zone or otherwise labeling it untrusted, which allows remote attackers to execute arbitrary code via a message that is rendered in IE using a less secure zone...

CVE-2003-0241

The CVE-2003-0241 issue affects FrontRange GoldMine mail agent, specifically versions 5.70 and 6.00 prior to build 30503. The vulnerability arises when HTML is sent to the default browser without labeling the content as untrusted or setting a secure zone, causing IE to render HTML in a less secur...