CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

EUVD-2026-36203

Spring Boot's Mail auto-configuration does not enable hostname verification. Applications that set the relevant JavaMail property, such as spring.mail.properties.mail.smtp.ssl.checkserveridentity=true, are not affected. Affected versions: Spring Boot 4.0.0 through 4.0.6; 3.5.0 through 3.5.14; 3.4...

5CVSS5.4AI score

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-2102

Malware in sbrugna...

3.5CVSS6.1AI score0.00568EPSS

Exploits0References12

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-1648

Malware in sbrugna...

5CVSS5.8AI score0.01104EPSS

Exploits0References17

RedhatCVE•added 2025/05/31 6:52 p.m.•14 views

CVE-2025-5323

A vulnerability, which was classified as problematic, has been found in fossasia open-event-server 1.19.1. This issue affects the function sendemailchangeuseremail of the file /fossasia/open-event-server/blob/development/app/api/helpers/mail.py of the component Mail Verification Handler. The...

6.3CVSS6.7AI score0.00041EPSS

Exploits0References1

Vulnrichment•added 2025/05/29 6:0 p.m.•8 views

CVE-2025-5323 fossasia open-event-server Mail Verification mail.py send_email_change_user_email reliance on obfuscation or encryption of security-relevant inputs without integrity checking

6.3CVSS4.2AI score0.00041EPSS

Exploits0References5

Cvelist•added 2025/05/29 6:0 p.m.•17 views

CVE-2025-5323 fossasia open-event-server Mail Verification mail.py send_email_change_user_email reliance on obfuscation or encryption of security-relevant inputs without integrity checking

6.3CVSS0.00041EPSS

Exploits0References5

CVE•added 2025/05/29 6:0 p.m.•53 views

CVE-2025-5323

CVE-2025-5323 affects fossasia open-event-server 1.19.1, specifically the Mail Verification Handler’s function send_email_change_user_email . The issue is described as relying on obfuscation or encryption of security-relevant inputs without integrity checks, with possible remote activation and hi...

6.3CVSS7AI score0.00041EPSS

Exploits0References5

Positive Technologies•added 2025/05/29 12:0 a.m.•2 views

PT-2025-23188 · Fossasia · Open-Event-Server

Name of the Vulnerable Software and Affected Versions: fossasia open-event-server version 1.19.1 Description: A problematic issue has been found in the Mail Verification Handler component, specifically affecting the send email change user email function. This issue leads to reliance on obfuscatio...

6.3CVSS4AI score0.00041EPSS

Exploits0References8

RedhatCVE•added 2025/02/05 1:47 p.m.•9 views

CVE-2020-13292

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow...

9.6CVSS6.6AI score0.00093EPSS

Exploits0

OSV•added 2024/03/06 11:22 a.m.•27 views

BIT-GITLAB-2020-13292

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow...

9.6CVSS9.2AI score0.00093EPSS

Exploits0References4

Cvelist•added 2023/05/18 12:0 a.m.•13 views

CVE-2023-31597

An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. Attackers are also able to gain unauthorized access to existing tickets...

6.9AI score0.00229EPSS

Exploits0References1

Veracode•added 2020/10/20 1:24 a.m.•22 views

Lack Of E-Mail Verification

sylius/sylius suffers from a lack of e-mail verification. A registered and verified user in a shop is able to change it to another e-mail, without the need to re-verify on the new e-mail address...

4.3CVSS3.6AI score0.00174EPSS

Exploits0References2Affected Software1

OSV•added 2020/08/10 2:15 p.m.•15 views

CVE-2020-13292

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow...

9.6CVSS6.7AI score0.00093EPSS

Exploits0References3

Prion•added 2020/08/10 2:15 p.m.•18 views

Design/Logic Flaw

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow...

5.5CVSS9.2AI score0.00093EPSS

Exploits0References3Affected Software1

UbuntuCve•added 2020/08/10 2:15 p.m.•20 views

CVE-2020-13292

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow...

9.6CVSS7.2AI score0.00093EPSS

Exploits0References5

Debian CVE•added 2020/08/10 1:33 p.m.•19 views

CVE-2020-13292

Removed by vendor...

9.6CVSS7.3AI score0.00093EPSS

Exploits0

NVD•added 2020/06/19 8:15 p.m.•18 views

CVE-2016-11062

An issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed...

5.3CVSS0.00195EPSS

Exploits0References1

Prion•added 2020/06/19 8:15 p.m.•15 views

Design/Logic Flaw

An issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed...

5CVSS7.1AI score0.00195EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/06/21 5:44 p.m.•16 views

CVE-2019-10270

An arbitrary password reset issue was discovered in the Ultimate Member plugin 2.39 for WordPress. It is possible due to lack of verification and correlation between the reset password key sent by mail and the userid parameter to reset the password of another user. One only needs to know the...

8.9AI score0.00168EPSS

Exploits1References1

Hacker One•added 2016/09/06 8:29 p.m.•44 views

Yelp: Verification of E-Mail address possible on https://biz.yelp.com/login and https://biz.yelp.com/forgot

On pages https://biz.yelp.com/login and https://biz.yelp.com/forgot a malicious user can verify if a particular E-mail address is registered on biz.yelp.com. Steps to reproduce for https://biz.yelp.com/login: 1. Open https://biz.yelp.com/login 2. Enter non existing E-Mail Address 3. Enter any...

0.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by