Lucene search
K

12 matches found

OSV
OSV
added 2026/03/27 12:0 a.m.5 views

UBUNTU-CVE-2026-27859

A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed...

5.3CVSS5.8AI score0.00374EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 5:39 a.m.6 views

CVE-2023-26435

It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers could discover restricted network topology and services as well as including local files with read permissions of the open-xchange system user. This was limite...

5CVSS6.6AI score0.00782EPSS
Exploits0References1
Sick AG
Sick AG
added 2025/03/14 11:0 a.m.11 views

Critical vulnerabilities in SICK DL100-2xxxxxxx

Critical vulnerabilities have been found in the SICK device DL100-2xxxxxxx. If exploited, this potentially allows an attacker to impact availabiltiy, integrity and confidentaility of the products. Currently, SICK is not aware of any public exploits specifically targeting these vulnerabilities. As...

9.8CVSS7.2AI score0.00518EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/11/26 12:0 a.m.13 views

GitLab 13.2.4 < 17.4.5 / 17.5 < 17.5.3 / 17.6 < 17.6.1 (CVE-2024-11828)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Inefficient Algorithmic Complexity in GitLab CVE-2024-11828 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

7.5CVSS5.5AI score0.00583EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/09/09 12:0 a.m.5 views

PT-2024-38578 · Axis Communications · Axis Os

Name of the Vulnerable Software and Affected Versions: AXIS OS affected versions not specified Description: A flaw was found in the protection for device tampering, commonly known as Secure Boot, in AXIS OS, making it vulnerable to a sophisticated attack to bypass this protection. To the vendor's...

6.1CVSS6.8AI score0.00238EPSS
Exploits0References6
OSV
OSV
added 2024/09/06 3:15 p.m.5 views

AZL-69869 CVE-2024-25584 affecting package dovecot 2.3.20-1

Dovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert single mail with LF DOT LF in middle, into two emails when relaying to SMTP. Dovecot will split mail with LF DOT LF into two mails. Upgrade to latest...

5.3CVSS5.7AI score0.00187EPSS
Exploits0References1
OSV
OSV
added 2024/09/06 3:15 p.m.1 views

UBUNTU-CVE-2024-25584

Dovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert single mail with LF DOT LF in middle, into two emails when relaying to SMTP. Dovecot will split mail with LF DOT LF into two mails. Upgrade to latest...

5.3CVSS5.8AI score0.00187EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/08 12:0 a.m.6 views

PT-2024-19709 · Open Xchange Gmbh · Ox App Suite

Name of the Vulnerable Software and Affected Versions: No specific software name or affected versions are mentioned in the provided descriptions. Description: The issue concerns RSS feeds that contain malicious data attributes, which could be used to inject script code into a user's browser...

6.1CVSS6.9AI score0.00531EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/02/12 12:0 a.m.5 views

PT-2024-12961 · Softwarex · Softwarex

Name of the Vulnerable Software and Affected Versions: SoftwareX affected versions not specified Description: The issue arises from the improper sanitization of User ID references at mentions in document comments, allowing script code to be injected into a user's session when working with a...

6.1CVSS7AI score0.00528EPSS
Exploits0References8
OSV
OSV
added 2023/11/21 7:15 a.m.5 views

CVE-2023-5553

During internal Axis Security Development Model ASDM threat-modelling, a flaw was found in the protection for device tampering commonly known as Secure Boot in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the...

6.8CVSS5.8AI score0.00332EPSS
Exploits0References1
OSV
OSV
added 2023/11/02 2:15 p.m.5 views

CVE-2023-29046

Connections to external data sources, like e-mail autoconfiguration, were not terminated in case they hit a timeout, instead those connections were logged. Some connections use user-controlled endpoints, which could be malicious and attempt to keep the connection open for an extended period of...

4.3CVSS5.7AI score0.00478EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.7 views

PT-2023-9151 · Unknown · Open-Xchange

Name of the Vulnerable Software and Affected Versions: Open-Xchange affected versions not specified Description: A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run...

10CVSS9AI score0.0133EPSS
Exploits0References18
Rows per page
Query Builder