10 matches found
EUVD-2023-2213
Malicious code in bioql PyPI...
EUVD-2024-3612
Malicious code in bioql PyPI...
Insufficiently Protected Credentials
GoPhish is vulnerable to Insufficiently Protected Credentials. The vulnerability stems from improper handling of mail server credentials: passwords for the configured IMAP and SMTP servers are stored in cleartext, exposing sensitive information to attackers...
Open-Xchange: Command Injection via STARTTLS in SMTP
During our research into the security of email servers at Münster University of Applied Sciences, we found a command injection vulnerability related to STARTTLS in Dovecot. See the attached advisory for details. The vulnerability allows a MITM attacker between a mail client and Dovecot to inject...
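F-Secure E-mail/Server Security OpenSSL TLS/DTLS Heartbeat Information Disclosure Vulnerability
CVE ID: CVE-2014-0160 A security vulnerability exists in the F-Secure E-mail/Server Security and F-Secure Server Security products. The OpenSSL bundled with F-Secure E-mail/Server Security and F-Secure Server Security contains a security vulnerability: a bounds error in OpenSSL's handling of the TLS "heartbeat" extension allows an attacker to obtain up to 64k of memory contents from a connected client or server. The memory contents may include private keys, usernames, passwords and so on. 0 F-Secure E-mail and Server Security 10.x F-Secure E-mail...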
CVE-2003-1481
CommuniGate Pro versions 3.1–4.0.6 are affected by a flaw where the session ID is exposed in the Referer header of an image request. This enables remote attackers to hijack mail sessions by sending an email containing an IMG tag referencing a malicious URL that captures the Referer. Impact is use...
NSAG-201-24.02.2006.txt
Advisory: NSAG-№201-24.02.2006 Research: NSA Group Russian company on Audit of safety & Network security Site of Research: http://www.nsag.ru or http://www.nsag.org Product: ArGoSoft Mail Server Pro 1.8 POP Site of manufacturer: www.argosoft.com The status: 19/11/2005 - Publication is postponed...
1st Class Mail Server 4.01 - general.tagz Cross-Site Scripting
source: https://www.securityfocus.com/bid/10089/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks. 1st Class Mail Server version 4.01 is reported to be prone to these issues,...
FreeBSD-SA-00:14.imap-uw
FreeBSD-SA-00:14 Security Advisory FreeBSD, Inc. Topic: imap-uw contains security vulnerabilities for "closed" mail servers Category: ports Module: imap-uw Announced: 2000-04-24...
XtraMail SMTP HELO Command Remote Overflow
The remote host is running a version of XtraMail with a remote buffer overflow vulnerability. The overflow is caused by issuing the 'HELO' command, followed by a long argument. The HELO command is typically one of the first commands required by a mail server. The command is used by the mail...