CVE-2024-34058

The WebTop package for NethServer 7 and 8 allows stored XSS for example, via the Subject field if an e-mail message...

Dell E-Lab Navigator Security Bypass Vulnerability

Dell E-Lab Navigator is an online query tool from Dell USA. A security bypass vulnerability exists in Dell E-Lab Navigator versions 3.1.9 and 3.2.0, which can be exploited by an attacker to manipulate the appearance of an e-mail message, potentially spoofing recipients and posing reputational and...

CVE-2022-23101

OX App Suite through 7.10.6 allows XSS via appHandler in a deep link in an e-mail message...

CVE-2022-23101

OX App Suite through 7.10.6 allows XSS via appHandler in a deep link in an e-mail message...

DEBIAN-CVE-2022-22589

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript...

CVE-2022-22589

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript...

Input validation

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript...

CVE-2022-22589

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript...

CVE-2022-22589

CVE-2022-22589 is a validation issue in WebKit/WebKitGTK where processing a maliciously crafted mail message could lead to running arbitrary JavaScript. The trusted component is WebKit/WebKitGTK in Apple platforms (iOS, iPadOS, watchOS, tvOS, macOS Monterey 12.2+; Safari 15.3) and WebKitGTK for L...

CVE-2022-22589

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript...

Ubuntu 20.04 LTS : WebKitGTK vulnerabilities (USN-5306-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5306-1 advisory. A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a...

Updated webkit2 packages fix security vulnerability

Processing a maliciously crafted mail message may lead to running arbitrary javascript. Description: A validation issue was addressed with improved input sanitization. CVE-2022-22589 Processing maliciously crafted web content may lead to arbitrary code execution. Description: A use after free iss...

PT-2022-4780 · Apple +8 · Macos Monterey +14

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.3 iPadOS versions prior to 15.3 watchOS versions prior to 8.4 tvOS versions prior to 15.3 Safari versions prior to 15.3 macOS Monterey versions prior to 12.2 Description: A validation issue was addressed with improved...

Debian DLA-2890-1 : libspf2 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2890 advisory. - libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail messag...

CVE-2021-44143

A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers i.e., one that starts with an empty line to provoke a heap overflow, which could conceivably be exploited for remote...

CVE-2021-30741

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination...

Design/Logic Flaw

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination...

CVE-2021-30741

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination...

CVE-2021-38189

An issue was discovered in the lettre crate before 0.9.6 for Rust. In an e-mail message body, an attacker can place a . character after two sequences and then inject arbitrary SMTP commands...

CVE-2020-28017

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receiveaddrecipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption...