Lucene search
K

867 matches found

NVD
NVD
added 2025/12/10 7:16 p.m.4 views

CVE-2025-34428

MailEnable versions prior to 10.54 contain a cleartext storage of credentials vulnerability that can lead to local credential compromise and account takeover. The product stores user and administrative passwords in plaintext within AUTH.SAV with overly permissive filesystem access. A local...

8.4CVSS0.00101EPSS
Exploits0References3
OSV
OSV
added 2025/12/10 7:16 p.m.4 views

CVE-2025-34427

MailEnable versions prior to 10.54 contain a cleartext storage of credentials vulnerability that can lead to local credential compromise and account takeover. The product stores user and administrative passwords in plaintext within AUTH.TAB with overly permissive filesystem access. A local...

7.8CVSS5.8AI score0.001EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/10 6:30 p.m.5 views

EUVD-2025-202442

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIAU.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS6.9AI score0.00144EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/10 6:30 p.m.3 views

EUVD-2025-202441

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIDP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS6.9AI score0.00144EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/10 6:30 p.m.5 views

EUVD-2025-202439

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIPC.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS6.9AI score0.00147EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/10 6:30 p.m.5 views

EUVD-2025-202435

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS6.9AI score0.00164EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/10 6:30 p.m.4 views

EUVD-2025-202438

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIPO.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7AI score0.00144EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/10 6:30 p.m.9 views

EUVD-2025-202437

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISM.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7AI score0.00141EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/10 6:30 p.m.5 views

EUVD-2025-202443

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIAM.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS6.9AI score0.00147EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/10 6:30 p.m.7 views

EUVD-2025-202436

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISO.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7AI score0.00144EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/10 6:30 p.m.5 views

EUVD-2025-202440

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIMF.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS7AI score0.00144EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/10 6:24 p.m.3 views

CVE-2025-34427 MailEnable < 10.54 Cleartext Credential Storage in AUTH.TAB

MailEnable versions prior to 10.54 contain a cleartext storage of credentials vulnerability that can lead to local credential compromise and account takeover. The product stores user and administrative passwords in plaintext within AUTH.TAB with overly permissive filesystem access. A local...

8.4CVSS5.9AI score0.001EPSS
Exploits0References3
CVE
CVE
added 2025/12/10 6:24 p.m.21 views

CVE-2025-34427

Summary: CVE-2025-34427 affects MailEnable versions prior to 10.54, where credentials are stored in cleartext in AUTH.TAB with overly permissive filesystem access. A local authenticated user with read access to AUTH.TAB can recover all user passwords and super-admin credentials, then authenticate...

8.4CVSS5.9AI score0.001EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/10 6:23 p.m.3 views

CVE-2025-34428 MailEnable < 10.54 Cleartext Credential Storage in AUTH.SAV

MailEnable versions prior to 10.54 contain a cleartext storage of credentials vulnerability that can lead to local credential compromise and account takeover. The product stores user and administrative passwords in plaintext within AUTH.SAV with overly permissive filesystem access. A local...

8.4CVSS5.9AI score0.00101EPSS
Exploits0References3
CVE
CVE
added 2025/12/10 6:23 p.m.15 views

CVE-2025-34428

MailEnable

8.4CVSS5.9AI score0.00101EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/12/10 6:23 p.m.38 views

CVE-2025-34428 MailEnable < 10.54 Cleartext Credential Storage in AUTH.SAV

MailEnable versions prior to 10.54 contain a cleartext storage of credentials vulnerability that can lead to local credential compromise and account takeover. The product stores user and administrative passwords in plaintext within AUTH.SAV with overly permissive filesystem access. A local...

8.4CVSS0.00101EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/10 6:13 p.m.6 views

CVE-2025-34403

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the FieldTo parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldTo value is not properly sanitized when processed via a GET request and is reflected inside a...

6.1CVSS5.8AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 6:13 p.m.5 views

CVE-2025-34399

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesCc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesCc value is not properly sanitized when processed via a GET request and is reflected within a...

6.1CVSS5.8AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 6:13 p.m.4 views

CVE-2025-34397

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Message parameter of /Mobile/Compose.aspx. The Message value is not properly sanitized when processed via a GET request and is reflected into a JavaScript context in the response. By supplying a...

6.1CVSS5.8AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 6:13 p.m.6 views

CVE-2025-34398

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the AddressesBcc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesBcc value is not properly sanitized when processed via a GET request and is reflected within a...

6.1CVSS5.8AI score0.00336EPSS
Exploits0References1
Rows per page
Query Builder