Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache james vulnerabilities and exploits
(subscribe to this query)
643
VMScore
CVE-2017-12628
The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands. As James exposes JMX socket by default only on local-host, this vulnerability can only be used for privil...
Apache James Server
694
VMScore
CVE-2006-2806
The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote malicious users to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
Apache James 2.2.0
935
VMScore
CVE-2015-7611
Apache James Server 2.3.2, when configured with file-based user repositories, allows malicious users to execute arbitrary system commands via unspecified vectors.
Apache James Server 2.3.2
1 EDB exploit
383
VMScore
CVE-2013-2172
jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x prior to 1.4.8 and 1.5.x prior to 1.5.5 allows context-dependent malicious users to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrar...
Apache Santuario Xml Security For Java 1.5.1
Apache Santuario Xml Security For Java 1.5.2
Apache Santuario Xml Security For Java 1.5.4
Apache Santuario Xml Security For Java 1.5.3
Apache Santuario Xml Security For Java 1.4.7
Apache Santuario Xml Security For Java 1.5.0
383
VMScore
CVE-2012-3536
Two XSS vulnerabilities were fixed in message list and view in the Hupa Webmail application from the Apache James project. An attacker could send a carefully crafted email to a user of Hupa which would trigger a XSS when the email was opened or when a list of messages were viewed...
Apache Hupa
383
VMScore
CVE-2013-2153
The XML digital signature functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 allows context-dependent malicious users to reuse signatures and spoof arbitrary content via crafted Reference elements in the Signat...
Apache Xml Security For C\\+\\+ 1.6.0
Apache Xml Security For C\\+\\+ 1.1.0
Apache Xml Security For C\\+\\+ 1.6.1
Apache Xml Security For C\\+\\+ 1.2.1
Apache Xml Security For C\\+\\+ 1.5.1
Apache Xml Security For C\\+\\+ 1.5.0
Apache Xml Security For C\\+\\+ 0.2.0
Apache Xml Security For C\\+\\+ 1.3.0
Apache Xml Security For C\\+\\+
Apache Xml Security For C\\+\\+ 1.4.0
Apache Xml Security For C\\+\\+ 1.3.1
Apache Xml Security For C\\+\\+ 1.2.0
Apache Xml Security For C\\+\\+ 0.1.0
516
VMScore
CVE-2013-2155
Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 does not properly validate length values, which allows remote malicious users to cause a denial of service or bypass the CVE-2009-0217 protection mechanism and spoof a signature via crafted length values to...
Apache Xml Security For C\\+\\+ 1.6.0
Apache Xml Security For C\\+\\+ 1.1.0
Apache Xml Security For C\\+\\+ 1.6.1
Apache Xml Security For C\\+\\+ 1.2.1
Apache Xml Security For C\\+\\+ 1.5.1
Apache Xml Security For C\\+\\+ 1.5.0
Apache Xml Security For C\\+\\+ 0.2.0
Apache Xml Security For C\\+\\+ 1.3.0
Apache Xml Security For C\\+\\+
Apache Xml Security For C\\+\\+ 1.4.0
Apache Xml Security For C\\+\\+ 1.3.1
Apache Xml Security For C\\+\\+ 1.2.0
Apache Xml Security For C\\+\\+ 0.1.0
668
VMScore
CVE-2013-2156
Heap-based buffer overflow in the Exclusive Canonicalization functionality (xsec/canon/XSECC14n20010315.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitr...
Apache Xml Security For C\\+\\+ 1.6.0
Apache Xml Security For C\\+\\+ 1.1.0
Apache Xml Security For C\\+\\+ 1.6.1
Apache Xml Security For C\\+\\+ 1.2.1
Apache Xml Security For C\\+\\+ 1.5.1
Apache Xml Security For C\\+\\+ 1.5.0
Apache Xml Security For C\\+\\+ 0.2.0
Apache Xml Security For C\\+\\+ 1.3.0
Apache Xml Security For C\\+\\+
Apache Xml Security For C\\+\\+ 1.4.0
Apache Xml Security For C\\+\\+ 1.3.1
Apache Xml Security For C\\+\\+ 1.2.0
Apache Xml Security For C\\+\\+ 0.1.0
668
VMScore
CVE-2013-2154
Stack-based buffer overflow in the XML Signature Reference functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute a...
Apache Xml Security For C\\+\\+ 1.6.0
Apache Xml Security For C\\+\\+ 1.1.0
Apache Xml Security For C\\+\\+ 1.6.1
Apache Xml Security For C\\+\\+ 1.2.1
Apache Xml Security For C\\+\\+ 1.5.1
Apache Xml Security For C\\+\\+ 1.5.0
Apache Xml Security For C\\+\\+ 0.2.0
Apache Xml Security For C\\+\\+ 1.3.0
Apache Xml Security For C\\+\\+
Apache Xml Security For C\\+\\+ 1.4.0
Apache Xml Security For C\\+\\+ 1.3.1
Apache Xml Security For C\\+\\+ 1.2.0
Apache Xml Security For C\\+\\+ 0.1.0
NA
CVE-2023-51747
Apache James prior to versions 3.8.1 and 3.7.5 is vulnerable to SMTP smuggling. A lenient behaviour in line delimiter handling might create a difference of interpretation between the sender and the receiver which can be exploited by an malicious user to forge an SMTP envelop, all...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »