Lucene search
+L

5692 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.20 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : nginx vulnerabilities (USN-8375-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8375-1 advisory. It was discovered that the nginx ngxmailsmtpmodule module incorrectly handled certain memory operations when doing SM...

9.2CVSS9.1AI score0.61469EPSS
Exploits43References13
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.13 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : Exim vulnerabilities (USN-8382-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8382-1 advisory. Timo Longin discovered that Exim incorrectly handled certain SMTP messages in PIPELINING/CHUNKING configurations. A...

9.8CVSS7.3AI score0.01225EPSS
Exploits3References7
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.13 views

Supermicro AS-2115HS-TNR BMC 安全漏洞

Supermicro AS-2115HS-TNR BMC is a server out-of-band management control system developed by Supermicro Corporation. There is a security vulnerability in Supermicro AS-2115HS-TNR BMC, which stems from the injection of custom characters in the SMTP service configuration. This vulnerability may allo...

7.2CVSS5.8AI score0.0037EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2026/06/03 4:29 p.m.13 views

USN-8382-1: Exim vulnerabilities

Timo Longin discovered that Exim incorrectly handled certain SMTP messages in PIPELINING/CHUNKING configurations. A remote attacker could possibly use this issue to perform SMTP smuggling. This issue only affected Ubuntu 14.04 LTS. CVE-2023-51766 It was discovered that Exim incorrectly handled...

9.8CVSS7.7AI score0.01225EPSS
Exploits3
OSV
OSV
added 2026/06/03 4:29 p.m.16 views

USN-8382-1 exim4 vulnerabilities

Timo Longin discovered that Exim incorrectly handled certain SMTP messages in PIPELINING/CHUNKING configurations. A remote attacker could possibly use this issue to perform SMTP smuggling. This issue only affected Ubuntu 14.04 LTS. CVE-2023-51766 It was discovered that Exim incorrectly handled...

9.8CVSS6AI score0.01225EPSS
Exploits3References7
OSV
OSV
added 2026/06/03 2:16 p.m.11 views

PYSEC-2026-200

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

2.3CVSS5.3AI score0.0015EPSS
Exploits0References3
NVD
NVD
added 2026/06/03 2:16 p.m.17 views

CVE-2026-7666

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

3.1CVSS0.0015EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/03 1:16 p.m.13 views

EUVD-2026-34087

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

3.1CVSS5.8AI score0.0015EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/03 1:16 p.m.8 views

CVE-2026-7666 Potential unencrypted email transmission via STARTTLS in the SMTP backend

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

3.1CVSS5.8AI score0.0015EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/03 1:16 p.m.45 views

CVE-2026-7666 Potential unencrypted email transmission via STARTTLS in the SMTP backend

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

3.1CVSS0.0015EPSS
Exploits0References3
OSV
OSV
added 2026/06/03 1:16 p.m.2 views

CVE-2026-7666 Potential unencrypted email transmission via STARTTLS in the SMTP backend

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

2.3CVSS5.9AI score0.0015EPSS
Exploits0References7
OSV
OSV
added 2026/06/03 1:0 p.m.8 views

UBUNTU-CVE-2026-7666

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

3.1CVSS5.2AI score0.0015EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.24 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Exim vulnerability (USN-8353-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8353-1 advisory. Warisjeet Singh discovered that Exim with SUPPORTPROXY enabled did not properly handle memory before SMTP authentication. A remote...

5.3CVSS5.6AI score0.00264EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 10:46 a.m.18 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for May 2026.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 25.0.0-IF005. These vulnerabilities have been also adressed in 24.0.0-IF007, 24.0.1-IF007 and 25.0.1-IF001. Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2 it is possible to preform a...

7.6CVSS6.9AI score0.01525EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2026/06/01 9:31 a.m.3 views

Improper Certificate Validation

Overview apache-airflow-providers-smtp is a Provider for Apache Airflow. Implements apache-airflow-providers-smtp package Affected versions of this package are vulnerable to Improper Certificate Validation in the airflow.utils.email process. An attacker can intercept sensitive information, such a...

8.2CVSS6.1AI score0.00185EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/01 7:53 a.m.9 views

CVE-2026-49267

Apache Airflow's EmailOperator and the underlying airflow.utils.email helpers established SMTP STARTTLS connections without verifying the remote certificate when the deployment used email smtpstarttls=True without email smtpssl. An attacker positioned between the worker and the configured SMTP...

5.9CVSS5.9AI score0.00268EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/01 7:53 a.m.30 views

CVE-2026-49267

Apache Airflow is affected where EmailOperator and airflow.utils.email establish SMTP STARTTLS without remote-certificate verification when smtp_starttls=True and smtp_ssl=False, enabling a network MITM to capture SMTP AUTH credentials and message contents. The issue is the core Airflow side, rel...

5.9CVSS5.9AI score0.00185EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/01 7:53 a.m.4 views

CVE-2026-49267 Apache Airflow: No certificate validation on SMTP STARTTLS connections

Apache Airflow's EmailOperator and the underlying airflow.utils.email helpers established SMTP STARTTLS connections without verifying the remote certificate when the deployment used email smtpstarttls=True without email smtpssl. An attacker positioned between the worker and the configured SMTP...

5.9CVSS6.1AI score0.00185EPSS
Exploits0References5
Fedora
Fedora
added 2026/06/01 1:1 a.m.29 views

[SECURITY] Fedora 43 Update: nginx-1.30.2-1.fc43

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

9.2CVSS5.8AI score0.04261EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.22 views

PT-2026-45382

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.2 Description The EmailOperator and airflow.utils.email helpers establish SMTP STARTTLS connections without verifying the remote certificate when the deployment is configured with smtp starttls=True and smt...

5.9CVSS5.5AI score0.00185EPSS
Exploits0References14
Rows per page
Query Builder