Lucene search
+L

24 matches found

Malwarebytes
Malwarebytes
added 2025/12/15 1:41 p.m.9 views

PayPal closes loophole that let scammers send real emails with fake purchase notices

After an investigation by BleepingComputer, PayPal closed a loophole that allowed scammers to send emails from the legitimate [email protected] email address. Following reports from people who received emails claiming an automatic payment had been cancelled, BleepingComputer found that...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2011-1927

Malware in sbrugna...

5CVSS6AI score0.0325EPSS
Exploits0References30
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2004-0182

Malware in sbrugna...

5CVSS6.4AI score0.01344EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-0771

Malware in sbrugna...

5CVSS6.1AI score0.03078EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2003-0783

Malware in sbrugna...

5CVSS6.1AI score0.01943EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2547

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00764EPSS
Exploits1References8
Cvelist
Cvelist
added 2025/05/23 3:41 p.m.20 views

CVE-2025-48375 Schule Missing Rate Limiting on OTP Email Requests – Susceptible to Abuse & DoS

Schule is open-source school management system software. Prior to version 1.0.1, the file forgotpassword.php or equivalent endpoint responsible for email-based OTP generation lacks proper rate limiting controls, allowing attackers to abuse the OTP request functionality. This vulnerability can be...

8.7CVSS0.00361EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:6 a.m.7 views

CVE-2010-3717

The t3libdiv::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly restrict input to filtervar FILTERVALIDATEEMAIL operations in PHP, which allows remote attackers to cause a denial of service memory consumption and application crash via a...

5CVSS6.9AI score0.03091EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/20 12:0 a.m.8 views

CVE-2023-51310

A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers Car Park Booking System v3.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...

4.6AI score0.00461EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2025/02/19 12:0 a.m.8 views

CVE-2023-51297

A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...

6.4AI score0.00504EPSS
Exploits2References2
OPENSUSE Linux
OPENSUSE Linux
added 2024/09/05 12:0 a.m.5 views

Security update for python-Django (important)

openSUSE Security Update: Security update for python-Django Announcement ID: openSUSE-SU-2024:0282-1 Rating: important References: 1229823 1229824 Cross-References: CVE-2024-45230 CVE-2024-45231 CVSS scores: CVE-2024-45230 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-45231 SUSE...

7.5CVSS6.2AI score0.25782EPSS
Exploits0References2
EUVD
EUVD
added 2020/08/12 3:7 p.m.3 views

EUVD-2020-4416

In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource consumption via a crafted e-mail message with deeply nested MIME parts...

7.5CVSS6.2AI score0.05215EPSS
Exploits2References21
OSV
OSV
added 2020/01/16 9:12 a.m.11 views

SUSE-SU-2020:0114-1 Security update for python3

This update for python3 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Waveread.readfmtchunk bsc1083507. - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ bsc1149955. - CVE-2019-15903: Fixed a heap-based buffer over-read i...

10CVSS7.1AI score0.73327EPSS
Exploits31References83
OSV
OSV
added 2019/07/17 9:15 p.m.2 views

CVE-2019-12913

Redbrick Shift through 3.4.3 allows an attacker to extract emails of services such as Gmail, Outlook, etc. used in the application...

5.5CVSS6.1AI score0.00377EPSS
Exploits0References1
OSV
OSV
added 2017/08/21 8:0 p.m.12 views

MGASA-2017-0291 Updated clamav packages fix security vulnerabilities

It was discovered that ClamAV incorrectly handled parsing certain e-mail messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service CVE-2017-6418. It was discovered that ClamAV incorrectly handled parsing certain PE files with WWPack...

5.5CVSS7.2AI score0.01415EPSS
Exploits0References3
OSV
OSV
added 2015/03/09 2:59 p.m.13 views

CVE-2014-9472

The email gateway in RT aka Request Tracker 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service CPU and disk consumption via a crafted email...

8.2AI score
Exploits0References5
Prion
Prion
added 2015/02/15 8:59 p.m.16 views

Information disclosure

The Google Email application 4.2.2.0200 for Android allows remote attackers to cause a denial of service persistent application crash via a "Content-Disposition: ;" header in an e-mail message...

5CVSS7.1AI score0.01712EPSS
Exploits2References6Affected Software1
seebug.org
seebug.org
added 2014/11/27 12:0 a.m.22 views

信游科技管理后台弱口令导致敏感信息泄漏

简要描述: 信游科技管理后台弱口令导致敏感信息泄漏 详细说明: test.52xinyou.cn/xykj/login.aspx 应该是测试系统 看下服务邮箱账号泄露 登陆 漏洞证明: 并且可以管理前台页面...

7.1AI score
Exploits0
OSV
OSV
added 2014/07/06 11:55 p.m.10 views

CVE-2014-4720

Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service CPU consumption via vectors related to "backtracking into the phrase," a different vulnerability than CVE-2014-0477...

6.3AI score
Exploits0References2
OSV
OSV
added 2011/05/24 11:55 p.m.4 views

CVE-2011-1929

lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service daemon crash or mailbox corruption via a crafted e-mail message...

6.3AI score
Exploits0References25
Rows per page
Query Builder