Lucene search
K

7 matches found

NVD
NVD
added 2026/06/09 5:17 p.m.25 views

CVE-2026-45447

Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS7 or S/MIME signed...

8.8CVSS0.02719EPSS
Exploits0References18
CVE
CVE
added 2026/06/09 4:3 p.m.643 views

CVE-2026-45447

CVE-2026-45447 is a heap use-after-free in OpenSSL PKCS7_verify triggered when SignedData digestAlgorithms is an empty ASN.1 SET, risking process crashes, heap corruption, or remote code execution. It affects applications processing PKCS#7/S/MIME with OpenSSL PKCS#7 APIs (CMS APIs are not affecte...

8.8CVSS5.9AI score0.02719EPSS
Exploits0References18Affected Software1
NVD
NVD
added 2026/04/02 9:16 a.m.3 views

CVE-2026-29143

SEPPmail Secure Email Gateway before version 15.0.3 does not properly authenticate the inner message of S/MIME-encrypted MIME entities, allowing an attacker to control trusted headers...

9.1CVSS0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/02 8:49 a.m.31 views

CVE-2026-29143 S/MIME Decryption Impersonation

SEPPmail Secure Email Gateway before version 15.0.3 does not properly authenticate the inner message of S/MIME-encrypted MIME entities, allowing an attacker to control trusted headers...

7.8CVSS0.0025EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/11/04 4:47 p.m.8 views

thunderbird: Memory corruption when processing S/MIME messages

A flaw was found in Thunderbird, which is vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS...

9.8CVSS7.2AI score0.17563EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/02/24 12:53 p.m.6 views

Mozilla: Crash processing S/MIME messages with multiple signatures

When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing code caused a null pointer dereference, leading to an unexploitable crash. This vulnerability affects Thunderbird 68.5...

6.5CVSS7.4AI score0.01273EPSS
Exploits0References5
OSV
OSV
added 2019/04/26 5:29 p.m.4 views

DEBIAN-CVE-2018-18513

A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service DOS attack because Thunderbird reopens the last seen message on restart, triggering the crash again. This vulnerability affects Thunderbird 60.5...

7.5CVSS8.4AI score0.0132EPSS
Exploits0References1
Rows per page
Query Builder