Lucene search
K

867 matches found

CNVD
CNVD
added 2025/12/12 12:0 a.m.7 views

MailEnable Failed Parameter Cross-Site Scripting Vulnerability

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-suppli...

6.1CVSS6AI score0.00418EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/12 12:0 a.m.11 views

MailEnable Added Parameter Cross-Site Scripting Vulnerability

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-suppli...

6.1CVSS6.4AI score0.00418EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/12 12:0 a.m.11 views

MailEnable Message Parameter Cross-Site Scripting Vulnerability

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied da...

6.1CVSS6.3AI score0.00336EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/12 12:0 a.m.11 views

MailEnable InstanceScope Parameter Cross-Site Scripting Vulnerability

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied da...

6.1CVSS6AI score0.00336EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/12 12:0 a.m.10 views

MailEnable FieldTo Parameter Cross-Site Scripting Vulnerability

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-suppli...

6.1CVSS6.2AI score0.00336EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/12 12:0 a.m.8 views

MailEnable FieldCc Parameter Cross-Site Scripting Vulnerability

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-suppli...

6.1CVSS6.2AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 7:1 p.m.10 views

CVE-2025-34427

MailEnable versions prior to 10.54 contain a cleartext storage of credentials vulnerability that can lead to local credential compromise and account takeover. The product stores user and administrative passwords in plaintext within AUTH.TAB with overly permissive filesystem access. A local...

8.4CVSS6.2AI score0.00102EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 7:1 p.m.8 views

CVE-2025-34428

MailEnable versions prior to 10.54 contain a cleartext storage of credentials vulnerability that can lead to local credential compromise and account takeover. The product stores user and administrative passwords in plaintext within AUTH.SAV with overly permissive filesystem access. A local...

8.4CVSS6.2AI score0.00105EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 5:2 p.m.6 views

CVE-2025-34421

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7.3AI score0.0017EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 5:2 p.m.5 views

CVE-2025-34420

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIAM.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7.3AI score0.0015EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 5:2 p.m.5 views

CVE-2025-34419

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISM.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7.4AI score0.00147EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 5:2 p.m.5 views

CVE-2025-34424

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIDP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7.3AI score0.00147EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 5:2 p.m.5 views

CVE-2025-34423

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIAU.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7.3AI score0.00147EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 5:2 p.m.5 views

CVE-2025-34417

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISO.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7.4AI score0.0015EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 5:2 p.m.5 views

CVE-2025-34418

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIMF.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7.4AI score0.00147EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 5:2 p.m.6 views

CVE-2025-34416

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIPO.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7.4AI score0.0015EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 5:2 p.m.6 views

CVE-2025-34422

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIPC.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7.3AI score0.0015EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/10 9:31 p.m.6 views

EUVD-2025-202503

MailEnable versions prior to 10.54 contain a cleartext storage of credentials vulnerability that can lead to local credential compromise and account takeover. The product stores user and administrative passwords in plaintext within AUTH.SAV with overly permissive filesystem access. A local...

6.8CVSS5.8AI score0.00105EPSS
Exploits0References4
OSV
OSV
added 2025/12/10 7:16 p.m.7 views

CVE-2025-34428

MailEnable versions prior to 10.54 contain a cleartext storage of credentials vulnerability that can lead to local credential compromise and account takeover. The product stores user and administrative passwords in plaintext within AUTH.SAV with overly permissive filesystem access. A local...

7.8CVSS5.8AI score
Exploits0References3
OSV
OSV
added 2025/12/10 7:16 p.m.4 views

CVE-2025-34427

MailEnable versions prior to 10.54 contain a cleartext storage of credentials vulnerability that can lead to local credential compromise and account takeover. The product stores user and administrative passwords in plaintext within AUTH.TAB with overly permissive filesystem access. A local...

7.8CVSS5.8AI score0.00102EPSS
Exploits0References3
Rows per page
Query Builder