CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Positive Technologies•added 2026/05/08 12:0 a.m.•9 views

PT-2026-38959

Name of the Vulnerable Software and Affected Versions SEPPmail Secure Email Gateway versions prior to 15.0.4 Description An unauthenticated path traversal issue exists in the '/api.app/attachment/preview' endpoint. This allows remote attackers to read arbitrary local files and trigger the deletio...

8.8CVSS6AI score0.17015EPSS

Exploits0References6

RedhatCVE•added 2026/04/03 10:58 a.m.•6 views

CVE-2026-29137

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to hide security tags from users by crafting a long subject...

5.3CVSS5.9AI score0.00189EPSS

Exploits0References1

NVD•added 2026/04/02 9:16 a.m.•2 views

CVE-2026-29137

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to hide security tags from users by crafting a long subject...

5.3CVSS0.00189EPSS

Exploits0References1

CNNVD•added 2026/04/02 12:0 a.m.•6 views

SEPPmail Secure Email Gateway 安全漏洞

SEPPmail Secure Email Gateway is an email security gateway developed by the German company SEPPmail. Versions of SEPPmail Secure Email Gateway prior to version 15.0.3 contained security vulnerabilities. These vulnerabilities stemmed from the ability for external users to modify GINA webdomain...

7.5CVSS5.8AI score0.00225EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 6:45 a.m.•3 views

CVE-2026-2743 SEPPmail User Web Interface Arbitrary File Write to RCE

Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer LFT. This issue affects SeppMail: 15.0.2.1 and before...

10CVSS5.8AI score0.00842EPSS

Exploits0References2

ATTACKERKB•added 2026/03/04 8:47 a.m.•2 views

CVE-2026-27444

SEPPmail Secure Email Gateway before version 15.0.1 incorrectly interprets email addresses in the email headers, causing an interpretation conflict with other mail infrastructure that allows an attacker to fake the source of the email or decrypt it...

7.8CVSS5.9AI score0.00213EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 11:22 a.m.•7 views

CVE-2021-31739

The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability XSS, because user input is not correctly encoded in HTML attributes when returned by the server.SEPPmail 11.1.10 allows XSS via a recipient address...

6.1CVSS5.3AI score0.00423EPSS

Exploits1References1

OSV•added 2025/04/28 4:15 p.m.•2 views

CVE-2022-41871

SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated attacker is able to execute arbitrary code in the context of the user root...

8.8CVSS6.1AI score0.00896EPSS

Exploits0References2

CNNVD•added 2025/04/28 12:0 a.m.•1 views

SEPPmail 安全漏洞

SEPPmail is an email encryption and signing solution from the Swiss company SEPPmail. A security vulnerability exists in SEPPmail version 12.1.17 and earlier, which stems from a command injection in the Admin Portal that could lead to the execution of arbitrary code...

8.8CVSS7.5AI score0.00896EPSS

Exploits0References3

CVE•added 2025/04/28 12:0 a.m.•53 views

CVE-2022-41871

SEPPmail contains a command-injection vulnerability in the Admin Portal affecting versions up to 12.1.17. An authenticated attacker can execute arbitrary code with root privileges via the Admin Portal. The issue is documented across multiple sources (e.g., Red Hat, CNNVD, CVE records) with remedi...

8.8CVSS8AI score0.00896EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by