27 matches found
EUVD-2023-54713
Malicious code in bioql PyPI...
RHEL 9 : mutt (RHSA-2024:2290)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2290 advisory. Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and...
EulerOS 2.0 SP10 : mutt (EulerOS-SA-2023-3187)
According to the versions of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Null pointer dereference when viewing a specially crafted email in Mutt 1.5.2 1.5.2 1.5.2 1...
EulerOS 2.0 SP11 : mutt (EulerOS-SA-2023-3252)
According to the versions of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Null pointer dereference when viewing a specially crafted email in Mutt 1.5.2 1.5.2 1.5.2 1...
CVE-2023-4875
A null pointer dereference flaw was found in mutt when handling specially crafted characters. This issue could allow an attacker to send a specially crafted email that causes the email client to crash when reading or processing the email. Mitigation Mitigation for this issue is either not availab...
CVE-2023-4874
A null pointer dereference flaw was found in mutt when handling specially crafted characters. This issue could allow an attacker to send a specially crafted email that causes the email client to crash when reading or processing the email. Mitigation Mitigation for this issue is either not availab...
CVE-2023-4874 Undefined Behavior for Input to API in Mutt
Null pointer dereference when viewing a specially crafted email in Mutt 1.5.2 2.2.12...
CVE-2023-4874 Undefined Behavior for Input to API in Mutt
Null pointer dereference when viewing a specially crafted email in Mutt 1.5.2 2.2.12...
CVE-2022-39052
An external attacker is able to send a specially crafted email with many recipients and trigger a potential DoS of the system...
CVE-2022-39052 DoS attack using email
An external attacker is able to send a specially crafted email with many recipients and trigger a potential DoS of the system...
The vulnerability of Mozilla Thunderbird’s email client, related to writing beyond the buffer limit, allows attackers to execute arbitrary code.
The vulnerability of Mozilla Thunderbird email client relates to writing beyond the buffer boundaries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted email...
CVE-2021-21441
There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user intraction. This issue affects: OTR...
OTRS AG 跨站脚本漏洞
OTRS AG is an application of the German company OTRS. A service management software. OTRS AG suffers from a cross-site scripting vulnerability that can be triggered by an attacker sending a specially designed e-mail to the system...
PT-2020-6430 · Otrs Ag · Otrs +1
Name of the Vulnerable Software and Affected Versions: OTRS AG OTRS Community Edition versions 6.0.1 through 6.0.x OTRS AG OTRS versions prior to 7.0.26 Description: The issue is related to a lack of protection of the web page structure in the ticket request system OTRS, allowing an attacker to...
CVE-2020-14258
HCL Notes is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. A remote unauthenticated attacker could exploit this vulnerability using a specially-crafted email message to hang the client. Versions 9, 10 and 11 are affected...
Microsoft Exchange Memory Corruption Vulnerability
An information disclosure vulnerability exists when Microsoft Exchange improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the remote system. To exploit the vulnerability, an attacker would send a...
CVE-2017-14461
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the...
Important: Red Hat Security Advisory: procmail security update
An update for procmail is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Crashing Google Email App for Android Just By Sending a Malicious Email
A vulnerability has been discovered in the wildly popular Google’s Stock Android Email App, that could be exploited by malicious attackers to remotely crash your smartphone application just by sending a specially crafted email. A Spain security researcher, Hector Marco, successfully exploited the...
Microsoft Exchange Server Outlook Web Access Cross-Site Scripting (MS14-075; CVE-2014-6326)
An elevation of privilege vulnerability exists in Microsoft Exchange Server. The vulnerability is due to an error in Microsoft Exchange input validation. A remote attacker can exploit this issue by enticing a victim to open a specially crafted email with Microsoft Outlook Web Access OWA...