9 matches found
EUVD-2018-13492
Malware in sbrugna...
CVE-2018-20954
The "Security and Privacy" Encryption feature in Mailpile before 1.0.0rc4 does not exclude disabled, revoked, and expired keys...
Mailpile Encryption Problem Vulnerability
Mailpile is a Web-based open source e-mail client . A cryptographic vulnerability exists in the "Security and Privacy" encryption feature in Mailpile versions prior to 1.0.0rc4. The vulnerability stems from the incorrect use of cryptographic algorithms in a networked system or product, and can be...
CVE-2018-20954
The "Security and Privacy" Encryption feature in Mailpile before 1.0.0rc4 does not exclude disabled, revoked, and expired keys...
CVE-2018-20954
The "Security and Privacy" Encryption feature in Mailpile before 1.0.0rc4 does not exclude disabled, revoked, and expired keys...
Code injection
The "Security and Privacy" Encryption feature in Mailpile before 1.0.0rc4 does not exclude disabled, revoked, and expired keys...
CVE-2018-20954
The "Security and Privacy" Encryption feature in Mailpile before 1.0.0rc4 does not exclude disabled, revoked, and expired keys...
CVE-2018-20954
Summary: CVE-2018-20954 affects Mailpile before 1.0.0rc4, where the Security and Privacy Encryption feature does not exclude disabled, revoked, and expired keys. This root cause can lead to weak or incorrect encryption and potential plaintext exposure, as noted by multiple sources. The issue is a...
Over Dozen Popular Email Clients Found Vulnerable to Signature Spoofing Attacks
A team of security researchers has discovered several vulnerabilities in various implementations of OpenPGP and S/MIME email signature verification that could allow attackers to spoof signatures on over a dozen of popular email clients. The affected email clients include Thunderbird, Microsoft...