Allocation of Resources Without Limits or Throttling

Overview std/mime is a Go standard library package std/mime Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

MiracleLinux 3 : openssl-0.9.8e-22.AXS3.1 (AXSA:2012-465:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-465:03 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

EUVD-2008-4472

Malware in sbrugna...

EUVD-2009-0551

Malware in sbrugna...

EUVD-2018-10234

Malware in sbrugna...

EUVD-2018-4347

Malware in sbrugna...

EUVD-2018-7331

Malware in sbrugna...

EUVD-2019-3425

Malware in sbrugna...

EUVD-2019-2528

Malware in sbrugna...

EUVD-2008-7231

Malware in sbrugna...

EUVD-2018-4346

Malware in sbrugna...

CVE-2025-2545

CVE-2025-2545 affects Best Practical Solutions, LLC’s Request Tracker prior to v5.0.8. The issue arises from using the Triple DES (3DES) cryptographic algorithm to protect emails sent with S/MIME, which is considered obsolete and insecure. The documented impact on confidentiality is described as ...

CVE-2024-4140

An excessive memory use issue CWE-770 exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set from 2020 and 2024 limits excessive depth and the total number of parts...

MGASA-2021-0067 Updated messagelib packages fix a security vulnerability

In KDE KMail, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted parts can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended...

CVE-2019-11755

A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted...

CVE-2019-11739

Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird 68.1 and Thunderbird 60.9...

CVE-2019-10732

In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted parts can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the...

00ld8nuivn (=2.1.0), 00rqiw31nd (=2.1.0) +33852 more potentially affected by CVE-2017-16138 via mime (>=1.0.0 <=1.4.0)

mime NPM version =1.0.0, =1.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on mime and may be impacted: - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 -...

CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL...

OpenPGP and S/MIME eFail Information Disclosure

An information disclosure vulnerability exists in OpenPGP and S/MIME. Successful exploitation would allow the attacker to decrypt the traffic and obtain or modify sensitive information...