Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.13 views

AlmaLinux 8 : python3.11 (ALSA-2026:4473)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4473 advisory. cpython: wsgiref.headers.Headers allows header newline injection in Python CVE-2026-0865 cpython: IMAP command injection in user-controlled commands...

6CVSS7.2AI score0.0056EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/01/08 12:0 a.m.2 views

CVE-2025-56425

An issue was discovered in the AppConnector component version 10.10.0.183 and earlier of enaio 10.10, in the AppConnector component version 11.0.0.183 and earlier of enaio 11.0, and in the AppConnctor component version 11.10.0.183 and earlier of enaio 11.10. The vulnerability allows authenticated...

6.7AI score0.00637EPSS
Exploits1References2
Veracode
Veracode
added 2025/10/13 2:35 p.m.6 views

SMTP Injection

Jakarta Mail is vulnerable to SMTP injection. The vulnerability is due to improper input validation of SMTP message fields of raw carriage return and line feed \r and \n UTF-8 characters in headers and parameters, An attackers can exploit this to inject additional SMTP commands or split messages ...

7.5CVSS7.3AI score0.00756EPSS
Exploits0References6Affected Software3
OSV
OSV
added 2025/09/29 10:21 p.m.6 views

CVE-2025-59937 go-mail has insufficient address encoding when passing mail addresses to the SMTP client

go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a possibility of wrong...

8.2CVSS6.8AI score0.00505EPSS
Exploits1References6
CNNVD
CNNVD
added 2021/08/08 12:0 a.m.5 views

Rust 命令注入漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A command execution vulnerability exists in letre crate before Mozilla Rust 0.9.6, which can be exploited by attackers to execute arbitrary SMTP commands on the system...

9.8CVSS6.3AI score0.01494EPSS
Exploits1References2
OSV
OSV
added 2010/12/14 4:0 p.m.2 views

DEBIAN-CVE-2010-4344

Heap-based buffer overflow in the stringvformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging...

9.8CVSS8.3AI score0.71794EPSS
Exploits6References1
RedHat Linux
RedHat Linux
added 2010/12/10 9:43 p.m.3 views

exim: remote code execution flaw

Heap-based buffer overflow in the stringvformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging...

9.8CVSS8.1AI score0.71794EPSS
Exploits6References5
Rows per page
Query Builder