Lucene search
K

136 matches found

CNVD
CNVD
added 2016/09/09 12:0 a.m.5 views

Google Android AOSP Mail Information Disclosure Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An information disclosure vulnerability exists in Google Android AOSP Mail. An attacker can exploit this vulnerability to obtain sensitive information...

5.5CVSS6.1AI score0.00477EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.7 views

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the ssmtp package of the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

5CVSS5.4AI score0.03504EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/05/30 7:18 a.m.6 views

Cybozu Garoon vulnerable to information disclosure

Overview Cybozu Garoon is a groupware. Cybozu Garoon contains an information disclosure vulnerability in the mail function. Masato Kinugawa reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC...

7.5CVSS6.1AI score0.01552EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/05/30 7:18 a.m.2 views

Cybozu Garoon mail function vulnerable to access restriction bypass

Overview Cybozu Garoon is a groupware. Cybozu Garoon contains an access restriction bypass vulnerability in the mail function. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact A spoofed e-mail may be sent by a user. Solution Update the...

6.5CVSS6.6AI score0.01139EPSS
Exploits0References6
Vulnerability Lab
Vulnerability Lab
added 2016/02/04 12:0 a.m.22 views

Barracuda Networks MDM - Persistent Mail Vulnerability

Document Title: =============== Barracuda Networks MDM - Persistent Mail Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1315 Release Date: ============= 2016-02-04 Vulnerability Laboratory ID VL-ID: ==================================== 131...

0.2AI score
Exploits0
Hacker One
Hacker One
added 2016/01/26 7:30 p.m.142 views

HackerOne: Unintended HTML inclusion as a result of https://hackerone.com/reports/110578

Hi, I was just reading https://hackerone.com/reports/110578 and testing out the changes. I had previously noticed that the editor would take something like: test and turn it into : test In other words, the code would recursively look at what should be the title string and use the first single or...

0.2AI score
Exploits0
OSV
OSV
added 2016/01/15 1:52 a.m.6 views

MGASA-2016-0019 Updated ruby-mail packages fix security vulnerability

The Mail library does not impose a length limit on email addresses, so an attacker can send a long spam message via a recipient address unless there is a limit on the application's side. The attacker-injected message in the recipient address is processed by the server. This type of vulnerability...

7AI score
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2015/10/21 12:0 a.m.6 views

The vulnerability of the Mac OS X operating system, which allows a perpetrator to gain access to protected information

The vulnerability of the Mail component in the Mac OS X operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to gain access to protected information at the moment when email messages are printed out...

5CVSS5.6AI score0.01435EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2014/10/18 1:55 a.m.23 views

CVE-2014-4439

Mail in Apple OS X before 10.10 does not properly recognize the removal of a recipient address from a message, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading a message intended exclusively for other recipients...

4.3CVSS5.5AI score0.0173EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2014/10/03 12:0 a.m.61 views

PayPal France Mail Encoding Script Insertion

Document Title: =============== PayPal Inc Bug Bounty Issue 70 France - Persistent Escape Shopping Mail Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=869...

0.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2014/09/25 12:0 a.m.53 views

PayPal Inc BB #70 FR - Persistent Mail Vulnerability

Document Title: =============== PayPal Inc BB 70 FR - Persistent Mail Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=869 PayPal Security UID: Roc83bl Release Date: ============= 2014-09-25 Vulnerability Laboratory ID VL-ID:...

7.1AI score
Exploits0
OSV
OSV
added 2012/10/22 11:55 p.m.4 views

CVE-2012-4507

The strchr function in procmime.c in Claws Mail aka claws-mail 3.8.1 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted email...

6.6AI score
Exploits0References7
Prion
Prion
added 2012/09/20 9:55 p.m.15 views

Code injection

Mail in Apple iOS before 6 does not properly implement the Data Protection feature for e-mail attachments, which allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors...

2.1CVSS5.9AI score0.00326EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2011/11/08 9:0 p.m.4 views

CVE-2011-2016

Untrusted search path vulnerability in Windows Mail and Windows Meeting Space in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a...

7.1AI score0.08103EPSS
Exploits1References2
OSV
OSV
added 2010/11/26 8:0 p.m.4 views

UBUNTU-CVE-2010-3829

WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to...

5.8CVSS7.3AI score0.02446EPSS
Exploits0References4
Prion
Prion
added 2010/09/15 7:0 p.m.21 views

Heap overflow

Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, and 2007 SP2, when Online Mode for an Exchange Server is enabled, allows remote attackers to execute arbitrary code via a crafted e-mail message, aka "Heap Based Buffer Overflow in Outlook Vulnerability."...

9.3CVSS8.5AI score0.17253EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2009/06/19 12:0 a.m.6 views

PT-2009-3542 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: Apple iPhone OS versions 1.0 through 2.2.1 Apple iPhone OS for iPod touch versions 1.1 through 2.2.1 Description: The issue concerns the Mail component, which does not offer an option to disable remote image loading in HTML emails. This allow...

4.3CVSS6AI score0.0189EPSS
Exploits0References7
Exploit DB
Exploit DB
added 2009/06/01 12:0 a.m.28 views

elitecms 1.01 - SQL Injection / Cross-Site Scripting

eliteCMS 1.01 SQL/XSS Multiple Remote Vulns by xenohive greets to daganarus, dearest of all my friends. SQL injection requires magicquotes = off -/includes/functions.php --------------------------------- 89. function getpagesettings ... 92. $query = "SELECT FROM pages WHERE id = '$GET'page''"; 93...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2008/05/06 12:0 a.m.45 views

[ECHO_ADV_94$2008] Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability

ECHOADV94$2008 ----------------------------------------------------------------------------------------- ECHOADV94$2008 Kmita Mail = 3.0 file Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran Addahroni...

7.5AI score
Exploits0
OSV
OSV
added 2007/08/27 5:17 p.m.6 views

CVE-2007-2958

Format string vulnerability in the incputerror function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws Claws Mail 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies...

7.4AI score
Exploits0References16
Rows per page
Query Builder