CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-3783

Malware in sbrugna...

9.8CVSS9.2AI score0.18675EPSS

Exploits0References12

SUSE CVE•added 2023/02/15 4:27 a.m.•1 views

SUSE CVE-2018-11780

A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2...

8.1CVSS9.4AI score0.18675EPSS

Exploits0References6

Veracode•added 2020/12/06 4:22 a.m.•30 views

Arbitrary Code Execution

Apache SpamAssassin is vulnerable to remote code execution. PDFInfo plugin may lead to arbitrary code execution...

9.8CVSS3.6AI score0.18675EPSS

Exploits0References9Affected Software1

OPENSUSE Linux•added 2019/08/06 12:0 a.m.•68 views

Security update for spamassassin (moderate)

openSUSE Security Update: Security update for spamassassin Announcement ID: openSUSE-SU-2019:1831-1 Rating: moderate References: 1069831 1107765 1108745 1108748 1108749 1108750 1115411 Cross-References: CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 Affected Products: openSUSE Leap 15...

9.8CVSS8.1AI score0.18675EPSS

Exploits0References7

Tenable Nessus•added 2019/07/25 12:0 a.m.•31 views

SUSE SLED12 / SLES12 Security Update : spamassassin (SUSE-SU-2019:1961-1)

This update for spamassassin to version 3.4.2 fixes the following issues : Security issues fixed : CVE-2017-15705: Fixed denial of service via unclosed tags in crafted emails bsc1108745. CVE-2018-11781: Fixed a code injection in the meta rule syntax by local users bsc1108748. CVE-2018-11780: Fixe...

9.8CVSS7.3AI score0.18675EPSS

Exploits0References12

Ubuntu•added 2018/12/05 4:30 p.m.•81 views

USN-3811-3: SpamAssassin vulnerabilities

USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.4AI score0.18675EPSS

Exploits0

Tenable Nessus•added 2018/11/14 12:0 a.m.•25 views

Debian DLA-1578-1 : spamassassin security update

Multiple vulnerabilities were found in Spamassassin, which could lead to Remote Code Execution and Denial of Service attacks under certain circumstances. CVE-2016-1238 Many Perl programs do not properly remove . period characters from the end of the includes directory array, which might allow loc...

9.8CVSS7AI score0.18675EPSS

Exploits0References6

Debian•added 2018/11/13 7:6 p.m.•467 views

[SECURITY] [DLA 1578-1] spamassassin security update

Package : spamassassin Version : 3.4.2-0+deb8u1 CVE ID : CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 Debian Bug : 784023 865924 883775 889501 891041 908969 908970 908971 913571 Multiple vulnerabilities were found in Spamassassin, which could lead to Remote Code Execution and Denial...

9.8CVSS6.9AI score0.18675EPSS

Exploits0

Tenable Nessus•added 2018/11/07 12:0 a.m.•31 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : SpamAssassin vulnerabilities (USN-3811-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3811-1 advisory. It was discovered that SpamAssassin incorrectly handled certain unclosed tags in emails. A remote attacker could possibly use thi...

9.8CVSS7.2AI score0.18675EPSS

Exploits0References4

OSV•added 2018/11/06 4:17 p.m.•0 views

USN-3811-1 spamassassin vulnerabilities

It was discovered that SpamAssassin incorrectly handled certain unclosed tags in emails. A remote attacker could possibly use this issue to cause a denial of service. CVE-2017-15705 It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use th...

9.8CVSS7.1AI score0.18675EPSS

Exploits0References4

Mageia•added 2018/10/30 6:1 p.m.•42 views

Updated spamassassin packages fix security vulnerabilities

Updated spamassassin package fixes security vulnerabilities: A reliance on "." in @INC in one configuration script CVE-2016-1238. A denial of service vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts CVE-2017-15705. A...

9.8CVSS1.4AI score0.18675EPSS

Exploits0References2

Tenable Nessus•added 2018/10/19 12:0 a.m.•34 views

Amazon Linux AMI : spamassassin (ALAS-2018-1091)

A flaw was found in the way a local user on the SpamAssassin server could inject code in the meta rule syntax. This could cause the arbitrary code execution on the server when these rules are being processed.CVE-2018-11781 A potential Remote Code Execution bug exists with the PDFInfo plugin in...

9.8CVSS7.2AI score0.18675EPSS

Exploits0References4

Tenable Nessus•added 2018/09/27 12:0 a.m.•50 views

FreeBSD : spamassassin -- multiple vulnerabilities (613193a0-c1b4-11e8-ae2d-54e1ad3d6335)

the Apache Spamassassin project reports : In Apache SpamAssassin, using HTML::Parser, we setup an object and hook into the begin and end tag event handlers In both cases, the 'open' event is immediately followed by a 'close' event - even if the tag does not close in the HTML being parsed. Because...

9.8CVSS6.9AI score0.18675EPSS

Exploits0References6

CNVD•added 2018/09/19 12:0 a.m.•1 views

Apache SpamAssassin PDFInfo plugin remote code execution vulnerability

Apache SpamAssassin is the United States Apache Apache Software Foundation, an open source spam filter, which provides system administrators with a filter and support for e-mail classification to stop spam.PDFInfo is one of the PDF file information processing plug-ins. Apache SpamAssassin 3.4.2...

9.8CVSS9.6AI score0.18675EPSS

Exploits0References1

OSV•added 2018/09/17 2:29 p.m.•19 views

CVE-2018-11780

A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2...

9.8CVSS7.3AI score

Exploits0References7