CVE-2026-26930

CVE-2026-26930 affects SmarterTools SmarterMail prior to version 9526, where XSS is possible via MAPI requests. The CVSS v3.1 base score is 7.2 (HIGH) with network attack vector, no privileges required, user interaction not required, and a changed scope. Patch guidance is to upgrade to 9526 or la...

CVE-2025-11719

CVE-2025-11719 affects Mozilla Firefox and Thunderbird. On Windows, use of the native messaging API by web extensions can trigger use-after-free memory corruption, leading to crashes. Affected versions: Firefox < 144 and Thunderbird

EUVD-2011-4518

Malware in sbrugna...

Cisco Webex Meetings App Character Interface Manipulation (cisco-sa-webex-app-qrtO6YC2)

A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected software does not properly handle character...

Design/Logic Flaw

A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected software does not properly handle character...

CVE-2022-20863 Cisco Webex Meetings App Character Interface Manipulation Vulnerability

A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected software does not properly handle character...

CVE-2022-20863

Cisco Webex App (formerly Webex Teams) contains a vulnerability in its messaging interface that could allow an unauthenticated, remote attacker to manipulate displayed links or content by exploiting improper handling of character rendering. The issue arises when messages are processed in the inte...

Cisco Webex 安全漏洞

Cisco Webex is a suite of video conferencing and collaboration products from Cisco. A security vulnerability exists in the Cisco Webex App prior to version 42.7, which arises from a vulnerability in the messaging interface that could allow an unauthenticated, remote attacker to manipulate links o...

PT-2022-4711 · Cisco · Cisco Webex App

Name of the Vulnerable Software and Affected Versions: Cisco Webex App versions affected versions not specified Description: A vulnerability in the messaging interface of Cisco Webex App could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging...

CVE-2021-27089

Microsoft Internet Messaging API Remote Code Execution Vulnerability...

Microsoft Internet Messaging API 代码注入漏洞

The Microsoft Internet Messaging API is an application programming interface from Microsoft. Applications programmed with MAPI can be used with a variety of email servers by changing the MAPI driver without the need for changes. Microsoft Internet Messaging API remote code execution vulnerability...

Vulnerabilities fixed in Microsoft Windows

Vulnerabilities have been fixed in Windows. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Impersonating another user Access to sensitive...

PT-2021-2712 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Microsoft Internet Messaging API affected versions not specified Description: The issue is related to insecure privilege management in the Windows Event Tracing service and incorrect code generation...

CVE-2021-1242

A vulnerability in Cisco Webex Teams could allow an unauthenticated, remote attacker to manipulate file names within the messaging interface. The vulnerability exists because the affected software mishandles character rendering. An attacker could exploit this vulnerability by sharing a file withi...

CVE-2021-1242 Cisco Webex Teams Shared File Manipulation Vulnerability

A vulnerability in Cisco Webex Teams could allow an unauthenticated, remote attacker to manipulate file names within the messaging interface. The vulnerability exists because the affected software mishandles character rendering. An attacker could exploit this vulnerability by sharing a file withi...

Cisco Jabber and Webex Client Software Shared File Manipulation Vulnerability

A vulnerability in Cisco Jabber and Cisco Webex formerly Teams could allow an unauthenticated, remote attacker to manipulate file names within the messaging interface. The vulnerability exists because the affected software mishandles character rendering. An attacker could exploit this vulnerabili...

systemd: systemd-resolved allows unprivileged users to configure DNS

An improper authorization flaw was discovered in systemd-resolved in the way it configures the exposed DBus interface org.freedesktop.resolve1. An unprivileged local attacker could call all DBus methods, even when marked as privileged operations. An attacker could abuse this flaw by changing the...

VulnCheck KEV: CVE-2009-0099

The Electronic Messaging System Microsoft Data Base EMSMDB32 provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote attackers to cause a denial of service application outage via a malformed MAPI command, aka "Literal...

Design/Logic Flaw

Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle user/actionredir group messages, which allows remote authenticated users to discover e-mail addresses by visiting the messaging interface...

PT-2012-1925 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 1.9.x through 1.9.14 Moodle versions 2.0.x through 2.0.5 Moodle versions 2.1.x through 2.1.2 Description: The issue arises from improper handling of user/action redir group messages, allowing remote authenticated users to...