EUVD-2008-5407

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-10740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The...

SUSE CVE-2019-10735

In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted parts can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the...

WordPress 4.0.x < 4.0.37 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A stored Cross-Site Scripting XSS via wp-mail.php post by email. - An open redirect in wpnonceays. - Sender's email address is exposed in wp-mail.php. - A Cross-Site...

WordPress core <= 6.0.2 - Content From Multipart Emails Leak vulnerability

Content From Multipart Emails Leak vulnerability when HTML/plaintext used discovered by Thomas Kräftner in WordPress core versions = 6.0.2. Solution Update the WordPress WordPress wordpress to the latest available version at least 6.0.3...

Security update for neomutt (moderate)

openSUSE Security Update: Security update for neomutt Announcement ID: openSUSE-SU-2022:10020-1 Rating: moderate References: 1184787 1185705 Cross-References: CVE-2021-32055 CVE-2022-1328 CVSS scores: CVE-2021-32055 NVD : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVE-2021-32055 SUSE: 5.3...

FreeBSD : spamassassin -- multiple vulnerabilities (70111759-1dae-11ea-966a-206a8a720317)

the Apache Spamassassin project reports : An input validation error of user-supplied input parsing multipart emails. Specially crafted emails can consume all resources on the system. A local user is able to execute arbitrary shell commands through specially crafted nefarious CF files. C Tenable...

spamassassin -- multiple vulnerabilities

the Apache Spamassassin project reports: An input validation error of user-supplied input parsing multipart emails. Specially crafted emails can consume all resources on the system. A local user is able to execute arbitrary shell commands through specially crafted nefarious CF files...

DEBIAN-CVE-2019-14664

In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted parts can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended...

UBUNTU-CVE-2019-10735

In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted parts can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the...

CVE-2019-10732

In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted parts can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the...

CVE-2004-2137

Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information...