
181 matches found

Positive Technologies
added 2019/10/16 12:0 a.m. · 5 views

PT-2019-15210 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 10.0.2 Description: The issue is related to a security problem where an attacker can inject malicious code. This is possible through the 'outgoing email setup' feature, specifically in the admin/mails.php?action=edit URI, by...

5.4 CVSS · 5.1 AI score · 0.00817 EPSS
Exploits: 2 · References: 8

Tenable Nessus
added 2019/08/12 12:0 a.m. · 32 views

Debian DLA-1868-1 : squirrelmail security update

A XSS vulnerability was discovered in SquirrelMail. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mails can be executed within the application context via crafted use of for example a NOEMBED...

6.1 CVSS · 6.1 AI score · 0.01819 EPSS
Exploits: 2 · References: 3

ThreatPost
added 2019/07/14 7:54 p.m. · 153 views

68% of Overwhelmed IT Managers Say They Can't Keep Up with Cyberattacks

IT managers feel overwhelmed by the volume of cyberattack attempts, with most of them admitting that successful hacks of their company networks are becoming the norm. That’s according to a research report The Impossible Puzzle of Cybersecurity, released Friday. In a survey of 3,100 IT managers...

7.6 AI score
Exploits: 0 · References: 9

Hacker One
added 2019/04/01 3:52 p.m. · 33 views

Ubiquiti Inc.: Catch mails sent to an SMTP Server over SSL using an Evil SMTP Server

A malicious actor setting up an SMTP proxy server between the UniFi Controller and their actual SMTP server can record their SMTP credentials for malicious use...

4.3 CVSS · 1.3 AI score · 0.01295 EPSS
Exploits: 0

Openbugbounty
added 2018/09/28 11:29 p.m. · 13 views

mails-news.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-680920. Affected Website: mails-news.com. Vulnerable Application: Custom Code. Vulnerability Type: Open Redirect / CWE-601. CVSSv3 Score: 3.4...

0.1 AI score
Exploits: 0

ThreatPost
added 2018/09/07 11:0 a.m. · 14 views

ThreatList: Attacks on Industrial Control Systems on the Rise

The systems that power the manufacturing, power and water plants, the oil and gas industry, and many other sectors are increasingly in the crosshairs of cyber-attackers: A full 41.2 percent of industrial control systems (ICS) were attacked by malicious software at least once in the first half of 201...

2.4 AI score
Exploits: 0 · References: 7

Tenable Nessus
added 2018/05/29 12:0 a.m. · 18 views

openSUSE Security Update : enigmail (openSUSE-2018-535)

This update for enigmail to version 2.0.6 fixes the following issues. Security issues fixed: - Replies to a partially encrypted message may have revealed protected information: no longer display PGP/MIME message part followed by unencrypted data (boo#1094781) - Signature could be spoofed via...

5.5 AI score
Exploits: 0 · References: 1

OPENSUSE Linux
added 2018/05/28 9:10 p.m. · 88 views

Security update for enigmail (moderate)

This update for enigmail to version 2.0.6 fixes the following issues. Security issues fixed: - Replies to a partially encrypted message may have revealed protected information: no longer display PGP/MIME message part followed by unencrypted data (boo#1094781) - Signature could be spoofed via...

0.6 AI score
Exploits: 0 · References: 1

OPENSUSE Linux
added 2018/05/28 9:7 p.m. · 59 views

Security update for enigmail (moderate)

This update for enigmail to version 2.0.6 fixes the following issues. Security issues fixed: - Replies to a partially encrypted message may have revealed protected information: no longer display PGP/MIME message part followed by unencrypted data (boo#1094781) - Signature could be spoofed via...

0.6 AI score
Exploits: 0 · References: 1

Exploit DB
added 2018/03/13 12:0 a.m. · 62 views

SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities

SEC Consult Vulnerability Lab Security Advisory. title: Multiple Critical Vulnerabilities; product: SecurEnvoy SecurMail; vulnerable version: 9.1.501; fixed version: 9.2.501 or hotfix patch "1012018"; CVE number: CVE-2018-7701,...

9.1 CVSS · 6.9 AI score · 0.14717 EPSS
Exploits: 10

Kitploit
added 2018/01/25 1:15 p.m. · 16 views

Domain Analyzer - Analyze The Security Of Any Domain By Finding All the Information Possible

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. Domain analyzer takes a domain name and finds information about it, such as DNS servers, mail servers, IP...

6.4 AI score
Exploits: 0 · References: 1

CVE
added 2017/11/27 10:0 a.m. · 75 views

CVE-2017-16962

Summary: CVE-2017-16962 affects CommuniGate Pro WebMail Crystal, pronto, and pronto4 components before version 6.2.1. The issue is a stored cross-site scripting (XSS) vulnerability. An attacker can craft calendar invitations or items that trigger scripts when rendered by WebMail, via vectors incl...

6.1 CVSS · 6 AI score · 0.02186 EPSS
Exploits: 1 · References: 2 · Affected Software: 1

n0where
added 2017/08/30 4:21 a.m. · 28 views

Domain Analyzer

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. Domain analyzer takes a domain name and finds information about it, such as DNS servers, mail servers, IP addresse...

6.5 AI score
Exploits: 0 · References: 1

myhack58
added 2017/04/13 12:0 a.m. · 705 views

Office 0day vulnerabilities used to spread banking Trojan - vulnerability warning - the black bar safety net

Micro-step online Threat Intelligence briefing Number: TB-2017-0003 Report confidence: 90 TAG: Microsoft, Office, 0day, vulnerabilities, phishing mails, Dridex TLP: yellow only accept the report of the Organization for internal use Date: 2017-04-11 Update Micro-step online to GMT 4 May 11, to the...

8.5 AI score · 0.99933 EPSS
Exploits: 29

Check Point Advisories
added 2017/03/08 12:0 a.m. · 1 views

Suspicious Metadata Mail Phishing Redirection

A mail attachment containing a malicious HTML file was observed as part of recent campaigns. A remote attacker could send spam e-mails including such HTML files, which redirect users to manually download malicious files...

3.4 AI score
Exploits: 0

NVD
added 2017/01/31 10:59 p.m. · 19 views

CVE-2016-9411

The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to obtain the installation path via vectors involving sending mails...

5.3 CVSS · 5.2 AI score · 0.0176 EPSS
Exploits: 0 · References: 4

Cvelist
added 2017/01/31 10:0 p.m. · 19 views

CVE-2016-9411

The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to obtain the installation path via vectors involving sending mails...

5.6 AI score · 0.0176 EPSS
Exploits: 0 · References: 4

Check Point Advisories
added 2017/01/30 12:0 a.m. · 2 views

Suspicious Metadata Mail Phishing Containing Archive Attachment

Suspicious Mail containing archive attachment was observed as part of phishing campaigns. A remote attacker could send spam e-mails including those files. This would allow the malicious code to run and infect the target system...

3.5 AI score
Exploits: 0

NVD
added 2016/12/15 6:59 a.m. · 15 views

CVE-2016-6845

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code within hyperlinks at HTML E-Mails is not getting correctly sanitized when using base64 encoded "data" resources. This allows an attacker to provide hyperlinks that may execute script code instead of directing to a...

6.1 CVSS · 6.4 AI score · 0.00713 EPSS
Exploits: 0 · References: 2

Prion
added 2016/12/15 6:59 a.m. · 17 views

Design/Logic Flaw

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code within hyperlinks at HTML E-Mails is not getting correctly sanitized when using base64 encoded "data" resources. This allows an attacker to provide hyperlinks that may execute script code instead of directing to a...

4.3 CVSS · 7.2 AI score · 0.00713 EPSS
Exploits: 0 · References: 2 · Affected Software: 1