22 matches found
Raisecomm RAX701-GC Series
RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to bypass authentication and gain unauthenticated root shell access to the affected devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...
EUVD-2025-23863
Malicious code in bioql PyPI...
GHSA-QJ5R-2R5P-PHC7 Duplicate Advisory: Keycloak-services SMTP Inject Vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-m4j5-5x4r-2xp9. This link is maintained to preserve external references. Original Description A vulnerability was found in Keycloak-services. Special characters used during e-mail registration may perform SMTP...
Duplicate Advisory: Keycloak-services SMTP Inject Vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-m4j5-5x4r-2xp9. This link is maintained to preserve external references. Original Description A vulnerability was found in Keycloak-services. Special characters used during e-mail registration may perform SMTP...
CVE-2025-8419 Org.keycloak/keycloak-services: keycloak smtp inject vulnerability
A vulnerability was found in Keycloak-services. Special characters used during e-mail registration may perform SMTP Injection and unexpectedly send short unwanted e-mails. The email is limited to 64 characters (limited local part of the email), so the attack is limited to very short emails subject...
CVE-2025-8419
A vulnerability was found in Keycloak-services. Special characters used during e-mail registration may perform SMTP Injection and unexpectedly send short unwanted e-mails. The email is limited to 64 characters (limited local part of the email), so the attack is limited to very short emails subject...
If you get an email saying “Item stopped due to unpaid customs fee”, it’s a fake
Our spam traps recently caught a phishing scam that neatly illustrates some of the tactics scammers use routinely to avoid both human intuition, and automatic detection. The scam starts with an unsolicited email, of course… The scam email is ostensibly from the Post Office, an instantly...
Design/Logic Flaw
A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages, aka a Mail Relay Vulnerability. The vulnerability is due to improper handling of domain information in the affected software. An unauthenticated, remote...
CVE-2018-0203
A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages, aka a Mail Relay Vulnerability. The vulnerability is due to improper handling of domain information in the affected software. An unauthenticated, remote...
CVE-2018-0203
CVE-2018-0203 : A vulnerability in the SMTP relay of Cisco Unity Connection allows an unauthenticated, remote attacker to send unsolicited email messages due to improper handling of domain information. A successful exploit could deliver emails to arbitrary addresses. Affected product: Cisco Unity...
Cisco Unity Connection Mail Relay Vulnerability
A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages. The vulnerability is due to improper handling of domain information in the affected software. An unauthenticated, remote attacker could exploit this...
Expert: Eight Years Later, 'Snowshoe Spam' Suggests CAN SPAM Not Working
BARCELONA — If you thought the CAN SPAM Act of 2003 nailed the coffin closed on the legality of spamming in the U.S., you’d be wrong. In fact, CAN SPAM compliant spam e-mail – sometimes referred to as ‘Snowshoe Spam’ – is a growing source of nuisance e-mail messages hitting inboxes in the U.S. and...
NuralStorm Webmail Multiple Security Vulnerabilities
NuralStorm Webmail is prone to multiple security vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Major Spam Network Fined Over $15 Million
A U.S. district court judge has ordered the largest “spam gang” in the world to pay nearly $15.2 million for sending unsolicited e-mail messages marketing male-enhancement pills, prescription drugs, and weight-loss supplements, according to the U.S. Federal Trade Commission. Read the full article...
JVN#08369659 Movable Type access restriction bypass vulnerability
Movable Type, a web log system from Six Apart KK, contains a vulnerability that allows a remote attacker to bypass access restrictions. Impact A remote attacker may send unsolicited email to arbitrary addresses or view information stored in Movable Type. Solution Update the Software Update to the...
Webbler CMS 3.1.3 - Mail A Friend Open Email Relay
source: https://www.securityfocus.com/bid/25045/info The 'webbler' is prone to an open-email-relay vulnerability. An attacker may leverage the issue to use webservers that are hosting the vulnerable software to send arbitrary unsolicited bulk...
JVN#25106961 Kent Web PostMail vulnerable to third party mail relay
Impact An attacker could possibly compromise the mail server to send an unsolicited email. Solution Products Affected Kent Web PostMail 3.2 and earlier...
Debian DSA-437-1 : cgiemail - open mail relay
A vulnerability was discovered in cgiemail, a CGI program used to email the contents of an HTML form, whereby it could be used to send email to arbitrary addresses. This type of vulnerability is commonly exploited to send unsolicited commercial email spam.