CVE-2023-4105

Mattermost fails to delete the attachments when deleting a message in a thread allowing a simple user to still be able to access and download the attachment of a deleted message...

EUVD-2001-0340

Malware in sbrugna...

CVE-2022-1520

When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A...

Improper Input Validation in Apache CXF

Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment header that could lead to a Denial of Service DoS attack on a CXF web service provider. Both JAX-WS and JAX-RS services are vulnerable to this attack...

Rocket.Chat: XSS in message attachment fileds.

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Summary: There is a...

DNN Information Disclosure Vulnerability

DNN also known as DotNetNuke is a set of U.S. DNN by Microsoft support , based on the ASP.NET platform for open source content management system CMS. The system is easy to install , scalable , feature-rich and so on. DNN formerly DotNetNuke 9.5 version of the embedded...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL7 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Design/Logic Flaw

Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment header that could lead to a Denial of Service DoS attack on a CXF web service provider. Both JAX-WS and JAX-RS services are vulnerable to this attack...

CVE-2017-12624

Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment header that could lead to a Denial of Service DoS attack on a CXF web service provider. Both JAX-WS and JAX-RS services are vulnerable to this attack...

CVE-2016-1788

CVE-2016-1788 affects Apple Messages across iOS <9.3, OS X <10.11.4, and watchOS

Docebo LMS <= 4.0.4 - (messages) Remote Code Execution

No description provided by source. ?php / Docebo LMS = v4.0.4 messages remote code execution exploit vendor: http://www.docebo.com/ software link: http://www.docebo.com/community/doceboCms/ author: mrme::rwx kru email: steventhomasseeley!gmail!com We must become the change we want to see in the...

Docebo Lms 4.0.4 - Messages Remote Code Execution

Docebo Lms 4.0.4 - Messages Remote Code Execution if$GLOBALS'modname' != '' $modulecfg =& createModule...

lyris-listmanager.txt

Title: Lyris ListManager Multiple Flaws Release Date: December 8, 2005 Patch Date: Unknown v8.9b resolves most issues Reported Date: June 21, 2005 Vendor: Lyris Systems Affected: Lyris ListManager v5.0-8.8a most flaws Summary: The Lyris ListManager software is vulnerable to numerous SQL injection...