
34 matches found

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2009-5076

Malware in sbrugna...

CVSS 5 · AI score 6.4 · EPSS 0.01223
Exploits 0 · References 2
RedhatCVE
added 2025/05/21 9:56 p.m. · 8 views

CVE-2009-5121

Websense Email Security 7.1 before Hotfix 4 allows remote attackers to bypass the sender-based blacklist by using the 8BITMIME EHLO keyword in the SMTP session...

CVSS 5 · AI score 7.1 · EPSS 0.01223
Exploits 0 · References 1
RedhatCVE
added 2025/05/21 9:6 p.m. · 15 views

CVE-2009-5131

The Receive Service in Websense Email Security before 7.1 does not recognize domain extensions in the blacklist, which allows remote attackers to bypass intended access restrictions and send e-mail messages via an SMTP session...

CVSS 5 · AI score 7.1 · EPSS 0.01431
Exploits 0 · References 1
RedhatCVE
added 2025/05/21 6:27 p.m. · 6 views

CVE-2002-2080

Floositek FTGate PRO 1.05 allows remote attackers to cause a denial of service (memory and CPU consumption) via a large number of RCPT TO: messages during an SMTP session...

CVSS 5 · AI score 7 · EPSS 0.01591
Exploits 0 · References 1
SUSE CVE
added 2023/02/15 5:53 a.m. · 5 views

SUSE CVE-2011-1432

The STARTTLS implementation in SCO SCOoffice Server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection"...

CVSS 6.8 · AI score 9.1 · EPSS 0.02283
Exploits 0 · References 3
OSV
added 2022/10/05 1:43 p.m. · 2 views

SUSE-SU-2022:3529-1 Security update for sendmail

This update for sendmail fixes the following issues: - Fixed SMTP session reuse leading to STARTTLS not used even if offered (bsc#1164084)...

AI score 7.1
Exploits 0 · References 2
VulnCheck KEV
added 2022/03/25 12:0 a.m. · 5 views

VulnCheck KEV: CVE-2020-7247

smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session...

CVSS 10 · AI score 7.6 · EPSS 0.98972
Exploits 27 · References 1
CISA KEV Catalog
added 2022/03/25 12:0 a.m. · 28 views

OpenSMTPD Remote Code Execution Vulnerability

smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session...

CVSS 10 · AI score 7.5 · EPSS 0.98972
In wild · Exploits 27
CISA KEV Catalog
added 2022/03/25 12:0 a.m. · 24 views

Exim Heap-Based Buffer Overflow Vulnerability

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session...

CVSS 9.8 · AI score 9.8 · EPSS 0.71794
In wild · Exploits 6
CNVD
added 2021/06/11 12:0 a.m. · 8 views

SAP NetWeaver AS ABAP Command Injection Vulnerability

SAP NetWeaver is a service-oriented integrated application platform from the German company SAP. The platform provides a development and runtime environment for SAP applications. A command injection vulnerability exists in SAP NetWeaver AS ABAP, which can be exploited by an attacker to inse...

CVSS 5.8 · AI score 7.4 · EPSS 0.00766
Exploits 0 · References 1
0day.today
added 2021/04/07 12:0 a.m. · 230 views

OpenBSD OpenSMTPD 6.6 Remote Code Execution Exploit

smtp_mailaddr in smtp_session.c in OpenSMTPD version 6.6, as used in OpenBSD version 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default...

CVSS 9.8 · AI score 9.8 · EPSS 0.98972
Exploits 27
Packet Storm
added 2021/04/06 12:0 a.m. · 522 views

OpenBSD OpenSMTPD 6.6 Remote Code Execution

Exploit Title: OpenBSD OpenSMTPD Remote Code Execution Vulnerability; Date: 05/04/2021; Exploit Author: Tobias Marcotto; Tested on: Kali Linux x64; Version: 6.6; Description: smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute...

CVSS 10 · AI score 0.2 · EPSS 0.98972
Exploits 27
Veracode
added 2020/09/21 6:24 a.m. · 36 views

Remote Code Execution (RCE)

opensmtpd:bionic is vulnerable to denial of service (DoS). smtp_mailaddr in smtp_session.c allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The...

CVSS 9.8 · AI score 6.9 · EPSS 0.98972
Exploits 27 · References 15 · Affected Software 1
CNVD
added 2020/02/03 12:0 a.m. · 2 views

OpenSMTPD Remote Command Execution Vulnerability

OpenSMTPD is a free server-side implementation of the SMTP protocol developed by the OpenBSD team, defined via RFC5321 and part of the OpenBSD project. A remote command execution vulnerability exists in OpenSMTPD. It allows remote attackers to execute arbitrary commands as root via a specially...

CVSS 10 · AI score 8 · EPSS 0.98972
Exploits 27 · References 1
NVD
added 2020/01/29 4:15 p.m. · 25 views

CVE-2020-7247

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration...

CVSS 10 · AI score 9.7 · EPSS 0.98972
Exploits 27 · References 15
OSV
added 2020/01/29 4:15 p.m. · 20 views

CVE-2020-7247

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration...

CVSS 9.8 · AI score 9.6 · EPSS 0.98972
Exploits 27 · References 15
Prion
added 2020/01/29 4:15 p.m. · 23 views

Input validation

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration...

CVSS 10 · AI score 9.5 · EPSS 0.98972
Exploits 27 · References 14 · Affected Software 4
Debian CVE
added 2020/01/29 3:53 p.m. · 33 views

CVE-2020-7247

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration...

CVSS 10 · AI score 9.7 · EPSS 0.98972
Exploits 27
Cvelist
added 2020/01/29 3:53 p.m. · 38 views

CVE-2020-7247

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration...

AI score 9.6 · EPSS 0.98972
Exploits 27 · References 14
Positive Technologies
added 2020/01/29 12:0 a.m. · 5 views

PT-2020-1569 · Openbsd +1 · Opensmtpd +1

Name of the Vulnerable Software and Affected Versions: OpenSMTPD versions 6.6. Description: The issue is related to the smtp_mailaddr function in the smtp_session.c file of the OpenSMTPD mail daemon, which is used in OpenBSD and other products. It allows remote attackers to execute arbitrary...

CVSS 10 · AI score 8.3 · EPSS 0.98972
Exploits 41 · References 76