Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
KdeKmail

4 matches found

CVE
CVEadded 2018/05/16 7:29 p.m.96 views

CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.

5.9CVSS5.6AI score0.00639EPSS
CVE
CVEadded 2024/10/28 12:15 a.m.58 views

CVE-2024-50624

ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.example.com or http://example.com/.well-known/autoconfig for retrieving the configuration. This is re...

5.9CVSS6.8AI score0.00024EPSS
CVE
CVEadded 2021/08/10 3:15 p.m.56 views

CVE-2021-38373

In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.

5.3CVSS5.1AI score0.00268EPSS
CVE
CVEadded 2017/09/28 1:29 a.m.43 views

CVE-2014-8878

KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network.

5.9CVSS5.5AI score0.00303EPSS