SUSE CVE-2009-1636

Multiple buffer overflows in the Internet Agent aka GWIA component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via 1 a crafted e-mail address in an SMTP session or 2 an SMTP command...

EUVD-2003-1471

Malware in sbrugna...

SUSE CVE-2008-4182

Cross-site scripting XSS vulnerability in imp/test.php in Horde Turba Contact Manager H3 2.2.1 and other versions before 2.3.1, and possibly other Horde Project products, allows remote attackers to inject arbitrary web script or HTML via the User field in an IMAP session...

Man In The Middle (MitM)

org.apache.sling:org.apache.sling.commons.messaging.mail is vulnerable to man-in-the-middle MitM attacks. Lack of server identity checks when accessing mail servers allow remote attackers to perform man in the middle attacks when participating in a shared mail session...

CVE-2021-44549 SMTPS server hostname not checked when making TLS connection to SMTPS server

Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks additional server identity checks must be performed when accessing mail servers. For compatibility reasons these addition...

SAP Netweaver 命令注入漏洞

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A command injection vulnerability exists in SAP NetWeaver AS ABAP, which can be exploited by an attacker to inse...