Lucene search
K

6 matches found

EUVD
EUVD
added 6 days ago8 views

EUVD-2026-41503

A vulnerability exists where a new transfer that uses STARTTLS to upgrade the connection might reuse an existing live connection even though the TLS configuration mismatches so it should not...

5.9AI score0.00413EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/09/08 12:0 a.m.3 views

PT-2022-18884 · Apache · Apache James

Name of the Vulnerable Software and Affected Versions: Apache James versions prior to 3.6.3 Apache James versions prior to 3.7.1 Description: The issue is related to a buffering attack that relies on the use of the STARTTLS command. It is similar to a previously solved problem in Apache James...

7.5CVSS7.3AI score0.01718EPSS
Exploits0References8
OSV
OSV
added 2021/10/28 10:12 p.m.8 views

CLSA-2021-1635459163 Fix CVE(s): CVE-2021-22946, CVE-2021-22947

SECURITY UPDATE: Protocol downgrade required TLS bypassed - debian/patches/CVE-2021-22946-pre1.patch: separate FTPS from FTP over HTTPS proxy in lib/ftp.c, lib/urldata.h. - debian/patches/CVE-2021-22946-pre2.patch: support PREAUTH response code in lib/imap.c, lib/imap.h, tests/data/Makefile.inc,...

7.5CVSS7.3AI score0.04224EPSS
Exploits2References1
CNNVD
CNNVD
added 2021/08/17 12:0 a.m.6 views

Smartertools SmarterTools SmarterMail 命令注入漏洞

Smartertools SmarterTools SmarterMail is a set of mail server software from SmarterTools Smartertools, USA. The program supports spam filtering, statistics, simple mail transfer protocol SMTP authentication and other features. SmarterTools SmarterMail suffers from a security vulnerability that...

8.1CVSS7.8AI score0.01127EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/03/04 12:0 a.m.7 views

The vulnerability of the STARTTLS component of the Keycloak identity and access management software lies in implementation errors related to authentication procedures. This allows attackers to escalate their privileges.

The vulnerability of the STARTTLS component of the Keycloak identity and access management software is related to implementation errors in authentication procedures. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

9.3CVSS7.7AI score0.01054EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2011/06/02 7:55 p.m.2 views

UBUNTU-CVE-2011-1947

fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a 1 STARTTLS or 2 STLS request, which allows remote servers to cause a denial of service application hang by acknowledging the request but not sending additional packets...

5CVSS7.3AI score0.02551EPSS
Exploits0References4
Rows per page
Query Builder