CVE-2025-2140

IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to spoof email identity of the sender due to improper verification of source data...

EUVD-2021-23985

Malware in sbrugna...

EUVD-2016-4010

Malware in sbrugna...

EUVD-2024-52853

Malicious code in bioql PyPI...

CVE-2021-37420

Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to mail spoofing...

CVE-2024-49782

IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to spoof mail server identity when using SSL/TLS security. An attacker could exploit this vulnerability to gain access to sensitive information disclosed through email notifications generated by OpenPages or disrupt notification...

CVE-2024-55929

A mail spoofing vulnerability in Xerox Workplace Suite allows attackers to forge email headers, making it appear as though messages are sent from trusted sources...

CVE-2024-55929

A mail spoofing vulnerability in Xerox Workplace Suite allows attackers to forge email headers, making it appear as though messages are sent from trusted sources...

CVE-2024-55929 Mail spoofing

A mail spoofing vulnerability in Xerox Workplace Suite allows attackers to forge email headers, making it appear as though messages are sent from trusted sources...

CVE-2024-55929

CVE-2024-55929 affects Xerox Workplace Suite. The publicly referenced details indicate a mail spoofing issue allowing forged email headers, making messages appear as if sent from trusted sources. Affected component is the Workplace Suite email handling; the validation of headers appears to be the...

CVE-2024-55929 Mail spoofing

A mail spoofing vulnerability in Xerox Workplace Suite allows attackers to forge email headers, making it appear as though messages are sent from trusted sources...

PT-2025-3157

Name of the Vulnerable Software and Affected Versions Xerox Workplace Suite versions prior to 5.6.701.9 Description A mail spoofing issue allows attackers to forge email headers, making it appear as though messages are sent from trusted sources. Recommendations For versions prior to 5.6.701.9,...

CVE-2024-49193

Zendesk pre-2024-07-02 is affected. The issue arises from processing incoming emails where Cc fields are extracted to grant extra ticket-viewing privileges, combined with an insufficient spoof-detection mechanism and predictable per-ticket support emails. This allows remote attackers to read tick...

CVE-2024-49193

Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing, because Cc fields are extracted from incoming e-mail messages and used to grant additional authorization for ticket viewing, the mechanism for detecting spoofed e-mail messages is insufficient, and the...

CVE-2024-27305 SMTP smuggling in aiosmtpd

aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP smuggling. SMTP smuggling is a novel vulnerability based on not so novel interpretation differences of the SMTP protocol. By exploiting SMTP smuggling, an attacker may send...

CVE-2024-27305 SMTP smuggling in aiosmtpd

aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP smuggling. SMTP smuggling is a novel vulnerability based on not so novel interpretation differences of the SMTP protocol. By exploiting SMTP smuggling, an attacker may send...

CVE-2024-27938

Postal is an open source SMTP server. Postal versions less than 3.0.0 are vulnerable to SMTP Smuggling attacks which may allow incoming e-mails to be spoofed. This, in conjunction with a cooperative outgoing SMTP service, would allow for an incoming e-mail to be received by Postal addressed from ...

CVE-2024-27938 SMTP Smuggling in Postal

Postal is an open source SMTP server. Postal versions less than 3.0.0 are vulnerable to SMTP Smuggling attacks which may allow incoming e-mails to be spoofed. This, in conjunction with a cooperative outgoing SMTP service, would allow for an incoming e-mail to be received by Postal addressed from ...

CVE-2024-27938 SMTP Smuggling in Postal

Postal is an open source SMTP server. Postal versions less than 3.0.0 are vulnerable to SMTP Smuggling attacks which may allow incoming e-mails to be spoofed. This, in conjunction with a cooperative outgoing SMTP service, would allow for an incoming e-mail to be received by Postal addressed from ...

CVE-2024-27938

CVE-2024-27938 concerns Postal, an open source SMTP server. The vulnerability affects Postal versions older than 3.0.0 and enables SMTP Smuggling, potentially allowing an incoming email to be spoofed as if sent from a server the recipient user authorized. The impact is limited to inbound mail flo...