EUVD-2019-2535

Malware in sbrugna...

PT-2024-19710 · Open Xchange Gmbh +1 · Ox App Suite

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue arises from E-Mails being exported as PDF and stored in a cache that does not consider specific session information for the related user account. This allows users of the same...

mail.hydraulics2000.com.au Cross Site Scripting vulnerability OBB-2982849

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DEBIAN-CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL...

Updated ruby-mail packages fix security vulnerability

The Mail library does not impose a length limit on email addresses, so an attacker can send a long spam message via a recipient address unless there is a limit on the application's side. The attacker-injected message in the recipient address is processed by the server. This type of vulnerability...

openssl: mime_param_cmp NULL dereference crash

The mimeparamcmp function in crypto/asn1/asnmime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted S/MIME message, a different vulnerability than CVE-2006-7250...