Lucene search
+L

83 matches found

Prion
Prion
added 2018/04/03 6:29 a.m.17 views

Design/Logic Flaw

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Mail" component. It allows man-in-the-middle attackers to read S/MIME encrypted message content by sending HTML e-mail that references remote resources but lacks a valid S/MIME signature...

4.3CVSS4.5AI score0.01159EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/04/03 6:0 a.m.21 views

CVE-2018-4174

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Mail" component. It allows man-in-the-middle attackers to read S/MIME encrypted messages by leveraging an inconsistency in the user interface...

5.8AI score0.01511EPSS
Exploits0References5
CVE
CVE
added 2018/04/03 6:0 a.m.86 views

CVE-2018-4174

CVE-2018-4174 affects Apple iOS <11.3 and macOS

5.9CVSS5.5AI score0.01511EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2017/12/25 9:0 p.m.22 views

CVE-2017-13871

An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Mail" component. It allows remote attackers to read cleartext e-mail content for which S/MIME encryption was intended by leveraging the lack of installation of an S/MIME certificate by the...

6.7AI score0.0148EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/12/25 9:0 p.m.25 views

CVE-2017-13874

An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "Mail" component. It might allow remote attackers to bypass an intended encryption protection mechanism by leveraging incorrect S/MIME certificate selection...

6.4AI score0.01036EPSS
Exploits0References3
CNVD
CNVD
added 2017/12/11 12:0 a.m.6 views

Apple iOS Memory Corruption Vulnerability (CNVD-2018-00597)

Apple iOS is an operating system developed by Apple for mobile devices, and Mail is one of the mail clients. A security vulnerability exists in the Mail component of Apple iOS prior to version 11.2. An attacker can exploit this vulnerability to cause the system to use incorrect certificates for...

7.5CVSS6.5AI score0.01036EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/07 12:0 a.m.12 views

Apple macOS High Sierra Mail component plaintext delivery vulnerability

Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers.Mail component is one of the email components. A security vulnerability exists in the Mail component of Apple macOS High Sierra prior to 10.13.2, which stems from the fact that an encrypted S/MIME email...

7.5CVSS6.5AI score0.0148EPSS
Exploits0References1
NVD
NVD
added 2017/10/23 1:29 a.m.19 views

CVE-2017-7141

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Mail" component. It allows remote attackers to bypass an intended off value of the "Load remote content in messages" setting, and consequently discover an e-mail recipient's IP address, via ...

5.3CVSS4.5AI score0.015EPSS
Exploits0References3
Prion
Prion
added 2017/10/23 1:29 a.m.19 views

Design/Logic Flaw

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Mail" component. It allows remote attackers to bypass an intended off value of the "Load remote content in messages" setting, and consequently discover an e-mail recipient's IP address, via ...

5CVSS4.5AI score0.015EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/03/16 12:0 a.m.8 views

The vulnerability of the Mac OS X operating system, which allows a hacker to trigger a service failure

The vulnerability of the Mail component in the Mac OS X operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures through a specially crafted URL...

4.3CVSS6.8AI score0.00849EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/02/20 8:59 a.m.4 views

CVE-2016-4689

An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Mail" component, which does not alert the user to an S/MIME email signature that used a revoked certificate...

7.5CVSS5.8AI score0.01003EPSS
Exploits0References3
Prion
Prion
added 2017/02/20 8:59 a.m.11 views

Code injection

An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Mail" component, which does not alert the user to an S/MIME email signature that used a revoked certificate...

5CVSS5.8AI score0.01003EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/02/20 8:35 a.m.23 views

CVE-2016-7580

An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves the "Mail" component, which allows remote web servers to cause a denial of service via a crafted URL...

5.6AI score0.00849EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/02/20 8:35 a.m.25 views

CVE-2016-4689

An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Mail" component, which does not alert the user to an S/MIME email signature that used a revoked certificate...

6.3AI score0.01003EPSS
Exploits0References3
Prion
Prion
added 2016/12/30 7:59 p.m.26 views

Command injection

The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a " backslash double...

7.5CVSS8AI score0.38438EPSS
Exploits10References8Affected Software2
Cvelist
Cvelist
added 2016/12/30 7:0 p.m.34 views

CVE-2016-10034

The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a " backslash double...

9.6AI score0.38438EPSS
Exploits10References8
Tenable Nessus
Tenable Nessus
added 2016/08/11 12:0 a.m.61 views

Joomla! < 3.6.1 Multiple Vulnerabilities

According to its self-reported version number, the Joomla! installation running on the remote web server is prior to 3.6.1. It is, therefore, affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exists in the mail component due to improper sanitization of input before...

5.7AI score
Exploits0References4
FreeBSD
FreeBSD
added 2016/08/03 12:0 a.m.16 views

Joomla! -- multiple vulnerabilities

The JSST and the Joomla! Security Center report: 20160801 - Core - ACL Violation Inadequate ACL checks in comcontent provide potential read access to data which should be access restricted to users with editown level. 20160802 - Core - XSS Vulnerability Inadequate escaping leads to XSS...

2.5AI score
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2016/07/11 12:0 a.m.8 views

The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information

The vulnerability in the mail/compose/ComposeActivity.java function of the AOSP Mail component in the Android operating system is related to the lack of protection for sensitive data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain confidential informati...

4.3CVSS6.3AI score0.00471EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/05/04 12:0 a.m.5 views

Android AOSP Mail Information Disclosure Vulnerability (CNVD-2016-02863)

Android is the United States Google Google and the Open Handheld Alliance referred to as OHA jointly developed a set of Linux-based open source operating system.AOSP Mail is one of the AOSP Android Open Source Project e-mail component. AOSP Mail for Android suffers from an information disclosure...

5.5CVSS6.2AI score0.00471EPSS
Exploits0References1
Rows per page
Query Builder