837 matches found
CVE-2026-41232
Froxlor is open source server administration software. Prior to version 2.3.6, in EmailSender::add, the domain ownership validation for full email sender aliases uses the wrong array index when splitting the email address, passing the local part instead of the domain to...
USN-8253-2 postfix vulnerability
USN-8253-1 fixed a vulnerability in Postfix. This update provides the corresponding fix for Postfix on Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Kamil Frankowicz discovered that Postfix incorrectly handled certain enhanced status codes....
USN-8253-2: Postfix vulnerability
USN-8253-1 fixed a vulnerability in Postfix. This update provides the corresponding fix for Postfix on Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Kamil Frankowicz discovered that Postfix incorrectly handled certain enhanced status codes....
[SECURITY] Fedora 43 Update: postfix-3.10.10-1.fc43
Postfix is a Mail Transport Agent MTA...
[SECURITY] Fedora 44 Update: postfix-3.10.10-1.fc44
Postfix is a Mail Transport Agent MTA...
Fedora 43 : postfix (2026-e9fc21d7e2)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e9fc21d7e2 advisory. This is an update fixing CVE-2026-43964. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Fedora 44 : postfix (2026-5cf8cc5f32)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5cf8cc5f32 advisory. This is an update fixing CVE-2026-43964. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
postfix: Fix of CVE-2026-43964
makedefs: support Linux kernel = 3 on build hosts - CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...
GHSA-PH9P-34F9-6G65 tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape
Summary The tmp npm package contains a path traversal vulnerability that allows escaping the intended temporary directory when untrusted data flows into the prefix, postfix, or dir options. By embedding traversal sequences e.g., ../ or path separators in these parameters, attackers can cause file...
tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape
Summary The tmp npm package contains a path traversal vulnerability that allows escaping the intended temporary directory when untrusted data flows into the prefix, postfix, or dir options. By embedding traversal sequences e.g., ../ or path separators in these parameters, attackers can cause file...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via unsanitized input in the prefix, postfix, or dir parameters during path construction. An attacker can create files outside the intended temporary directory, potentially overwriting or placing files in sensitive...
PT-2026-43627
Summary The tmp npm package contains a path traversal vulnerability that allows escaping the intended temporary directory when untrusted data flows into the prefix, postfix, or dir options. By embedding traversal sequences e.g., ../ or path separators in these parameters, attackers can cause file...
CLSA-2026-1779298645 postfix: Fix of CVE-2026-43964
CVE-2026-43964: fix buffer over-read in dsnsplit when an enhanced status code is not followed by other text...
mailcow dockerized 跨站脚本漏洞
Mailcow Dockerized is an open-source application developed by Mailcow. The version 2026-03b of Mailcow Dockerized contains a cross-site scripting vulnerability. This vulnerability stems from a storage-based cross-site scripting vulnerability in the administrator’s queue manager, which may cause t...
CLSA-2026-1779191237 postfix: Fix of CVE-2026-43964
CVE-2026-43964: fix buffer over-read in dsnsplit when an enhanced status code is not followed by other text...
CLSA-2026-1779182686 postfix: Fix of CVE-2026-43964
CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...
CLSA-2026-1779181947 postfix: Fix of CVE-2026-43964
CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...
CLSA-2026-1779095130 postfix: Fix of CVE-2026-43964
CVE-2026-43964: fix buffer over-read in dsnsplit when an enhanced status code is not followed by other text...
CLSA-2026-1778874422 postfix: Fix of CVE-2026-43964
CVE-2026-43964: fix buffer over-read in dsnsplit when an enhanced status code is not followed by other text...
CVE-2026-43964
A flaw was found in Postfix. This issue occurs when processing enhanced status codes, specifically an enhanced status code that lacks text following the third number. Depending on the configuration of the server, this allows a remote attacker to cause a buffer over-read of only 1 byte, leading to...