SUSE SLED15 / SLES15 Security Update : go1.25-openssl (SUSE-SU-2026:2079-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2079-1 advisory. This update for go1.25-openssl fixes the following issues Security issues: - CVE-2026-33811: net: crash when...

CVE-2023-5422 SSL Certificates are not checked for E-Mail Handling

The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for static SSL or TLS based communication. As the SSLgetverifyresult function is not used the certificated is trusted always and it can not be ensured that the certificate satisfies all necessary securit...

CVE-2023-5422 SSL Certificates are not checked for E-Mail Handling

The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for static SSL or TLS based communication. As the SSLgetverifyresult function is not used the certificated is trusted always and it can not be ensured that the certificate satisfies all necessary securit...

CVE-2023-28854 nophp vulnerable to shell command injection on httpd user when sending a password-setting mail or mail-login mail

nophp is a PHP web framework. Prior to version 0.0.1, nophp is vulnerable to shell command injection on httpd user. A patch was made available at commit e5409aa2d441789cbb35f6b119bef97ecc3986aa on 2023-03-30. Users should update index.php to 2023-03-30 or later or, as a workaround, add a function...

CodoForum 3.3.1 - Multiple SQL Injection Vulnerabilities

Exploit for php platform in category web applications CodoForum 3.3.1: Multiple SQL Injection Vulnerabilities Security Advisory – Curesec Research Team http://blog.curesec.com/article/blog/CodoForum-331-Multiple-SQL-Injection-Vulnerabilities-42.html 1. Introduction Affected Product: CodoForum 3.3...

Fedora 22 : roundcubemail-1.1.2-1.fc22 (2015-11405)

Release 1.1.2 - Add new plugin hook 'identitycreateafter' providing the ID of the inserted identity 1490358 - Add option to place signature at bottom of the quoted text even in top-posting mode sigbelow - Fix handling of %-encoded entities in mailto: URLs 1490346 - Fix zipped messages downloads...

RedHat Update for procmail RHSA-2014:1172-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1122-1: Thunderbird vulnerabilities

It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. CVE-2011-0081 It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If...

Debian Security Advisory DSA 732-1 (mailutils)

The remote host is missing an update to mailutils announced via advisory DSA 732-1. OpenVAS Vulnerability Test $Id: deb7321.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 732-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Potential integer overflow with text/enhanced mail — Mozilla

Georgi Guninski discovered a potential integer overflow in the code that handles mail formatted as text/enhanced or text/richtext. This could in turn lead to a buffer overflow and potential code execution...

Kerio MailServer < 6.0.10 Multiple Mail Handling DoS

According to its banner, the remote host is running a version of Kerio MailServer prior to 6.0.10. In those versions, crashes can occur when downloading certain email messages in IMAP or Outlook with Kerio Outlook Connector KOC or, under Linux, when parsing email messages with multiple embedded...

Elm frm Command Mail Subject Line Handling Remote Overflow

Binary data 1140.prm...