Lucene search
K

136 matches found

RedHat Linux
RedHat Linux
added 2024/05/22 11:47 a.m.37 views

Important: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7AI score0.91969EPSS
Exploits1References7
CNVD
CNVD
added 2024/05/16 12:0 a.m.9 views

Cybozu Garoon Information Disclosure Vulnerability (CNVD-2024-29673)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. An information disclosure vulnerability exists in Cybozu Garoon. The vulnerability stems from insufficient...

6.5CVSS6.1AI score0.00282EPSS
Exploits0References1
OSV
OSV
added 2024/05/15 10:33 p.m.12 views

GHSA-26HQ-7286-MG8F Magento Patch SUPEE-9652 - Remote Code Execution using mail vulnerability

Zend Framework 1 vulnerability can be remotely exploited to execute code in Magento 1. While the issue is not reproducible in Magento 2, the library code is the same so it was fixed as well. Note: while the vulnerability is scored as critical, few systems are affected. To be affected by the...

7.3AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/11/21 12:0 a.m.7 views

PT-2023-30769 · Nextcloud · Nextcloud Mail

Name of the Vulnerable Software and Affected Versions: Nextcloud Mail versions 1.13.0 through 2.2.7 Nextcloud Mail versions 2.2.8 is not affected, but versions prior to 3.3.0 are affected, so the correct range is: Nextcloud Mail versions 1.13.0 through 3.2.x Description: Nextcloud Mail is the mai...

9.8CVSS9.4AI score0.00866EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/10/16 12:0 a.m.6 views

PT-2023-29634 · Nextcloud · Nextcloud Mail

Name of the Vulnerable Software and Affected Versions: Nextcloud Mail versions prior to 2.2.8 Nextcloud Mail versions prior to 3.3.0 Description: The issue is related to a missing check of origin, target, and cookies in Nextcloud Mail, allowing an attacker to abuse the proxy endpoint and cause a...

4.3CVSS4.4AI score0.00601EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2023/09/27 3:19 p.m.4 views

CVE-2023-44171

SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component adminsmtp.php...

9.8CVSS5.9AI score0.01155EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/06/07 12:0 a.m.8 views

PT-2023-11375 · WordPress · Wp Html Mail

Name of the Vulnerable Software and Affected Versions: WP HTML Mail plugin for WordPress versions up to, and including, 2.9.0.3 Description: The issue arises from insufficient input sanitization, allowing unauthenticated attackers to inject arbitrary HTML in pages. This can be achieved if an...

6.1CVSS6.2AI score0.0075EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2022/11/08 12:0 a.m.242 views

Forma SPOT-LMS 3.2.1 Cross Site Scripting

Title: Forma SPOT-LMS-3.2.1 Cross-site scripting reflected RCE - reset mail vulnerability Author: nu11secur1ty Date: 11.07.2022 Vendor: https://www.spotlms.us/indexmulti.php The software is applied in the demo account: https://www.spotlms-anca-001.ovh/ Reference:...

Exploits0
CNNVD
CNNVD
added 2022/08/04 12:0 a.m.7 views

Nextcloud 日志信息泄露漏洞

Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A log message disclosure vulnerability exists in Nextcloud Mail that originates from logging user passwords to disk...

4.9CVSS5.3AI score0.00621EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/04 12:0 a.m.7 views

Nextcloud 代码问题漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A code issue vulnerability exists in Nextcloud Mail that stems from unrestricted access to minifier. An attacker could exploit this vulnerability to perfor...

9.8CVSS8.4AI score0.00604EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/08/02 12:0 a.m.4 views

PT-2022-25412 · Mozilla +4 · Thunderbird +4

Name of the Vulnerable Software and Affected Versions: xdg-mail affected versions not specified Description: The issue arises when xdg-mail is configured to use thunderbird for mailto URLs, leading to improper parsing of the URL. This can result in additional headers being passed to thunderbird...

7.8CVSS7.1AI score0.00652EPSS
Exploits1References23
Veracode
Veracode
added 2021/09/08 1:10 a.m.6 views

Privilege Escalation

claws-mail is vulnerable to privilege escalation. The vulnerability exists due to the lack of link checks before accepting a click in textviewurisecuritycheck in textview.c...

6.1CVSS6.5AI score0.01155EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2021/08/18 6:15 a.m.3 views

CVE-2021-20762

Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated to alter the data of E-mail without the appropriate privilege...

4.3CVSS5.9AI score0.00802EPSS
Exploits0References2
NVD
NVD
added 2021/08/18 6:15 a.m.15 views

CVE-2021-20757

Operational restrictions bypass vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege...

4.3CVSS0.00818EPSS
Exploits0References2
Hacker One
Hacker One
added 2021/01/22 2:34 a.m.25 views

OpenMage: Sharing products with Mail allows phishing attacks due to misconfiguration.

Hello Team. I found a part that could cause a phishing attack. Incorrect configuration in the part of sharing products with mail causes this. 1. Go to https://demo.openmage.org/sendfriend/product/send/id/430/catid/20/ 2. The Sender email address should normally be an email address provided by you...

0.2AI score
Exploits0
OSV
OSV
added 2020/08/18 5:41 p.m.6 views

MGASA-2020-0321 Updated claws-mail packages fix security vulnerability

common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STARTTLS is mishandled CVE-2020-15917...

9.8CVSS9.3AI score0.02592EPSS
Exploits0References3
OSV
OSV
added 2020/07/28 7:15 p.m.2 views

UBUNTU-CVE-2020-16094

In imapscantreerecursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree...

7.5CVSS7.1AI score0.01781EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2020/05/20 12:0 a.m.3 views

PT-2020-6509 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: Apple iOS versions prior to 13.5 Apple iPadOS versions prior to 13.5 Apple watchOS versions prior to 6.2.5 Apple iOS version 12.4.7 and earlier Description: An out-of-bounds write issue was addressed with improved bounds checking. Processing ...

8.8CVSS6.4AI score0.02286EPSS
Exploits0References7
CNVD
CNVD
added 2020/05/14 12:0 a.m.6 views

Nextcloud Mail Trust Management Issue Vulnerability

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A trust management issue vulnerability exists in Nextcloud Mail version 1.1.3, which stems from a lack of authentication to a TLS host. An attacker could...

7CVSS6.6AI score0.00933EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/01/24 12:0 a.m.209 views

PHP 7.4.x < 7.4.1 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.26, 7.3.x prior to 7.3.13, or 7.4.x prior to 7.4.1. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to imprope...

9.8CVSS7.7AI score0.08818EPSS
Exploits5References8
Rows per page
Query Builder