2667 matches found
CVE-2018-0682
Denbun by NEOJAPAN Inc. Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier does not properly manage sessions, which allows remote attackers to read/send mail or change the configuration via unspecified vectors...
CentOS Web Panel Cross-Site Request Forgery Vulnerability (CNVD-2019-18498)
CentOS Web Panel is a CentOS Linux system administration panel. A cross-site request forgery vulnerability exists in CentOS Web Panel 0.9.8.740 and earlier versions, which can be exploited by a remote attacker to modify the server's root password and execute commands with the help of...
Apache Tomcat 8.5.x < 8.5.13 Multiple Vulnerabilities
According to its self-reported version number, the Apache Tomcat service running on the remote host is 8.5.x prior to 8.5.13. It is therefore affected by multiple vulnerabilities: - A flaw exists in the handling of pipelined requests when send file processing is used that results in the pipeline...
Microsoft Office: Send personal information
This test checks the setting for policy. OpenVAS Vulnerability Test $Id: officesendpersonalinformation.nasl 11843 2018-10-11 14:33:21Z emoss $ Check value for Send personal information. Authors: Emanuel Moss. Copyright: Copyright (c) 2018 Greenbone Networks GmbH, http://www.greenbone.net This program ...
Moderate severity vulnerability that affects send
Withdrawn, accidental duplicate publish. visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public"...
GHSA-PGV6-JRVV-75JP Moderate severity vulnerability that affects send
Withdrawn, accidental duplicate publish. visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public"...
Tcpreplay Buffer Overflow Vulnerability
Tcpreplay is a set of open source utilities for editing and replaying network traffic for UNIX based operating systems. A buffer overflow vulnerability exists in the 'fasteditpacket' function of the sendpackets.c file in Tcpreplay version 4.3. An attacker can exploit this vulnerability with a...
CVE-2018-15667
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. It registers and uses the airmail:// URL scheme. The "send" command in the URL scheme allows an external application to send arbitrary emails from an active account without authentication. The handler has no restriction on who can use it...
CVE-2018-15668
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. The "send" command in the airmail:// URL scheme allows an external application to send arbitrary emails from an active account. URL parameters for the "send" command with the "attachment" prefix designate attachment parameters. If the...
CVE-2018-14926
Matera Banco 1.0.0 allows CSRF, as demonstrated by a /contingency/web/messageSend/messageSendHandler.jsp request...
CVE-2018-14430
The Mondula Multi Step Form plugin through 1.2.5 for WordPress allows XSS via the fwdata id1, fwdata id2, fwdata id3, fwdata id4, or email field of the contact form, exploitable with an fwsendemail action to wp-admin/admin-ajax.php...
Security fix for the ALT Linux 8 package curl version 7.61.0-alt1
July 17, 2018 Anton Farygin 7.61.0-alt1 - 7.61.0 - fixes: CVE-2018-0500 SMTP send heap buffer overflow...
CVE-2018-10658
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service crash. The crash arises from code inside libdbus-send.so shared object or similar...
CVE-2018-12684
Out-of-bounds Read in the sendssifile function in civetweb.c in CivetWeb through 1.10 allows attackers to cause a Denial of Service or Information Disclosure via a crafted SSI file...
CVE-2018-6563
Multiple cross-site request forgery (CSRF) vulnerabilities in totemomail Encryption Gateway before 6.0.0Build371 allow remote attackers to hijack the authentication of users for requests that (1) change user settings, (2) send emails, or (3) change contact information by leveraging lack of an anti-CSRF...
RUSTSEC-2018-0019 Multiple memory safety issues
Affected versions contain multiple memory safety issues, such as: - Unsoundly coercing immutable references to mutable references - Unsoundly extending lifetimes of strings - Adding the Send marker trait to objects that cannot be safely sent between threads This may result in a variety of memory...
Multiple memory safety issues
Affected versions contain multiple memory safety issues, such as: - Unsoundly coercing immutable references to mutable references - Unsoundly extending lifetimes of strings - Adding the Send marker trait to objects that cannot be safely sent between threads This may result in a variety of memory...
totemomail Encryption Gateway Cross-Site Request Forgery Vulnerability
totemomail Encryption Gateway is a gateway for email encryption. A cross-site request forgery vulnerability exists in versions prior to totemomail Encryption Gateway 6.0.0Build371. A remote attacker can exploit this vulnerability to change user settings, send emails, or change contact information...
MMM mmm_agentd shell command injection vulnerability
MySQL Multi-Master Replication Manager (MMM) is a set of flexible scripts that performs monitoring/failover and management of MySQL master-master replication configurations. mmm_agentd is an agent daemon that runs on each MySQL server and provides a simple set of remote services to the monitoring...
pythonidae.nl XSS vulnerability
Open Bug Bounty ID: OBB-617985

Description| Value
---|---
Affected Website:| pythonidae.nl
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:| 6.1...