21 matches found
EUVD-2017-3347
Malware in sbrugna...
CVE-2017-11737
interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...
CVE-2024-30270
mailcow: dockerized is an open source groupware/email suite based on docker. A security vulnerability has been identified in mailcow affecting versions prior to 2024-04. This vulnerability is a combination of path traversal and arbitrary code execution, specifically targeting the rspamdmaps...
CVE-2024-30270
The CVE-2024-30270 entry pertains to mailcow: dockerized prior to the 2024-04 release. A vulnerability combines path traversal and arbitrary code execution targeting the rspamd_maps() function, allowing an authenticated admin to overwrite any file writable by the www-data user due to improper pat...
CVE-2024-30270 mailcow Path Traversal and Arbitrary Code Execution Vulnerability
mailcow: dockerized is an open source groupware/email suite based on docker. A security vulnerability has been identified in mailcow affecting versions prior to 2024-04. This vulnerability is a combination of path traversal and arbitrary code execution, specifically targeting the rspamdmaps...
mailcow 安全漏洞
mailcow is a mail server suite. A security vulnerability exists in versions prior to mailcow-dockerized 2024-04, which stems from a path traversal and arbitrary code execution vulnerability in the rspamdmaps function...
PT-2024-5037 · Mailcow · Mailcow
Name of the Vulnerable Software and Affected Versions: mailcow:dockerized versions prior to 2024-04 Description: The issue is related to the rspamd maps function and involves improper path validation, allowing for path traversal and arbitrary code execution. This can enable an authenticated admin...
Rspamd Detection (HTTP)
HTTP based detection of Rspamd. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.114368";...
Rspamd < 1.6.3 XSS Vulnerability
Rspamd is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rspamdproject:rspamd...
Spamscanner - Spam Scanner Is The Best Anti-Spam, Email Filtering, And Phishing Prevention Service
Spam Scanner is the best anti-spam, email filtering, and phishing prevention service. Spam Scanner is a drop-in replacement and the best alternative to SpamAssassin, rspamd, SpamTitan, and more. Foreword Spam Scanner is a tool and service built by @niftylettuce after hitting countless roadblocks...
DEBIAN-CVE-2017-11737
interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...
Design/Logic Flaw
interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...
CVE-2017-11737
interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...
UBUNTU-CVE-2017-11737
interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...
CVE-2017-11737
interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...
CVE-2017-11737
interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...
CVE-2017-11737
The vulnerability is CVE-2017-11737 affecting Rspamd's WebUI HISTORY page: interface/js/app/history.js, prior to version 1.6.3. The root cause is mishandling of the Subject and Message-Id headers, enabling cross-site scripting (XSS) in the History page. Impact is XSS leakage in the browser sessio...
CVE-2017-11737
interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...
CVE-2017-11737
interface/js/app/history.js in WebUI in Rspamd before 1.6.3 allows XSS via the Subject and Message-Id headers, which are mishandled in the history page...
openSUSE Security Update : exim (openSUSE-2016-326)
This update to exim 4.86.2 fixes the following issues : - CVE-2016-1531: local privilege escalation for set-uid root exim when using 'perlstartup' boo968844 Important: Exim now cleans the complete execution environment by default. This affects Exim and subprocesses such as transports calling othe...