Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

Positive Technologies
Positive Technologiesadded 2026/02/19 12:0 a.m.2 views

PT-2026-20900

Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI versions before 22.4 have a flaw that allows authenticated users to check for the existence of arbitrary files on the server. This is possible through the...

5.3CVSS5.5AI score0.00041EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/02/19 12:0 a.m.5 views

GFI MailEssentials AI 安全漏洞

GFI MailEssentials AI is an open-source anti-spam and data breach protection software developed by GFI in the United States. Versions of GFI MailEssentials AI prior to version 22.4 contained a security vulnerability. This vulnerability stemmed from a storage cross-site scripting vulnerability...

5.4CVSS5.6AI score0.00045EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-14684

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00239EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-14683

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00326EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/04/30 8:15 p.m.13 views

CVE-2025-34491

GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote and authenticated attacker can execute arbitrary code by sending crafted serialized .NET when joining to a Multi-Server setup...

8.8CVSS7.7AI score0.00326EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/04/30 7:11 p.m.6 views

CVE-2025-34490

GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity XXE issue. An authenticated and remote attacker can send crafted HTTP requests to read arbitrary system files...

6.5CVSS6.9AI score0.00239EPSS
Exploits1References1
NVD
NVDadded 2025/04/28 8:15 p.m.11 views

CVE-2025-34491

GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote and authenticated attacker can execute arbitrary code by sending crafted serialized .NET when joining to a Multi-Server setup...

8.8CVSS0.00326EPSS
Exploits1References3
CVE
CVEadded 2025/04/28 7:20 p.m.64 views

CVE-2025-34491

CVE-2025-34491 affects GFI MailEssentials prior to v21.8. The issue is a .NET deserialization flaw in the Multi-Server setup that allows a remote, authenticated attacker to execute arbitrary code by sending crafted serialized .NET data. Root cause: improper deserialization in the Multi-Server com...

8.8CVSS8.9AI score0.00326EPSS
Exploits1References3Affected Software1
NVD
NVDadded 2025/04/28 7:15 p.m.10 views

CVE-2025-34490

GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity XXE issue. An authenticated and remote attacker can send crafted HTTP requests to read arbitrary system files...

6.5CVSS0.00239EPSS
Exploits1References3
CVE
CVEadded 2025/04/28 7:2 p.m.55 views

CVE-2025-34490

GFI MailEssentials

6.5CVSS6.4AI score0.00239EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologiesadded 2025/04/28 12:0 a.m.3 views

PT-2025-18106 · Gfi · Gfi Mailessentials

Name of the Vulnerable Software and Affected Versions: GFI MailEssentials versions prior to 21.8 Description: The issue is related to an XML External Entity XXE problem. An authenticated and remote attacker can send crafted HTTP requests to read arbitrary system files. Recommendations: For versio...

6.5CVSS6.4AI score0.00239EPSS
Exploits1References7
Rows per page
Query Builder