Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu mailman vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2003-0965
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman prior to 2.1.4 allows remote malicious users to steal session cookies and conduct unauthorized activities.
Gnu Mailman
490
VMScore
CVE-2021-40347
An issue exists in views/list.py in GNU Mailman Postorius prior to 1.3.5. An attacker (logged into any account) can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place.
Postorius Project Postorius
454
VMScore
CVE-2001-0884
Cross-site scripting vulnerability in Mailman email archiver prior to 2.08 allows malicious users to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.
Gnu Mailman 5.0
Gnu Mailman
Gnu Mailman 7.0
Gnu Mailman 5.1
Gnu Mailman 6.0
445
VMScore
CVE-2006-2941
Mailman prior to 2.1.9rc1 allows remote malicious users to cause a denial of service via unspecified vectors involving "standards-breaking RFC 2231 formatted headers".
Gnu Mailman 2.1.5
Gnu Mailman 2.1.5.8
Gnu Mailman 2.1.3
Gnu Mailman 2.1.8
Gnu Mailman 2.1.2
Gnu Mailman 2.1.6
Gnu Mailman 2.1
Gnu Mailman 2.1b1
Gnu Mailman 2.1.1
Gnu Mailman 2.1.7
Gnu Mailman 2.1.4
445
VMScore
CVE-2006-0052
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and previous versions, when using Python's library email module 2.5, allows remote malicious users to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two...
Gnu Mailman 2.1.5
Gnu Mailman 2.0.5
Gnu Mailman 2.0.1
Gnu Mailman 2.1.3
Gnu Mailman 2.0.11
Gnu Mailman 2.0.6
Gnu Mailman 2.0
Gnu Mailman 1.1
Gnu Mailman 2.0.14
Gnu Mailman 2.0.12
Gnu Mailman 2.1.2
Gnu Mailman 2.0.9
Gnu Mailman 2.0.3
Gnu Mailman 2.0.13
Gnu Mailman 2.0.4
Gnu Mailman 2.1
Gnu Mailman 2.1b1
Gnu Mailman 2.1.1
Gnu Mailman 1.0
Gnu Mailman 2.0.8
Gnu Mailman 2.1.4
Gnu Mailman 2.0.10
445
VMScore
CVE-2005-3573
Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote malicious users to cause a denial of service (application crash).
Gnu Mailman 2.1.5
Gnu Mailman 2.0.5
Gnu Mailman 2.0.1
Gnu Mailman 2.1.5.8
Gnu Mailman 2.1.3
Gnu Mailman 2.0.11
Gnu Mailman 2.0.6
Gnu Mailman 2.0
Gnu Mailman 2.0.14
Gnu Mailman 2.0.12
Gnu Mailman 2.1.2
Gnu Mailman 2.0.9
Gnu Mailman 2.0.3
Gnu Mailman 2.0.13
Gnu Mailman 2.0.4
Gnu Mailman 2.1
Gnu Mailman 2.0.8
Gnu Mailman 2.1.4
Gnu Mailman 2.0.10
Gnu Mailman 2.1.1
Gnu Mailman 2.0.2
Gnu Mailman 2.0.7
445
VMScore
CVE-2005-0080
The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote malicious users to determine the list membership for a given e-mail address.
Gnu Mailman 2.1.5
Ubuntu Ubuntu Linux 4.10
445
VMScore
CVE-2005-0202
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and previous versions allows remote malicious users to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended ...
Gnu Mailman 2.1.5
Gnu Mailman 2.1.3
Gnu Mailman 2.1.2
Gnu Mailman 2.1
Gnu Mailman 2.1b1
Gnu Mailman 2.1.1
Gnu Mailman 2.1.4
445
VMScore
CVE-2004-0412
Mailman prior to 2.1.5 allows remote malicious users to obtain user passwords via a crafted email request to the Mailman server.
Gnu Mailman 2.1.3
Gnu Mailman 2.1.2
Gnu Mailman 2.1
Gnu Mailman 2.1b1
Gnu Mailman 2.1.1
Gnu Mailman 2.1.4
445
VMScore
CVE-2004-0182
Mailman prior to 2.0.13 allows remote malicious users to cause a denial of service (crash) via an email message with an empty subject field.
Gnu Mailman
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »