Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu mailman vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0202
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and previous versions allows remote malicious users to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended ...
Gnu Mailman 2.1.5
Gnu Mailman 2.1.3
Gnu Mailman 2.1.2
Gnu Mailman 2.1
Gnu Mailman 2.1b1
Gnu Mailman 2.1.1
Gnu Mailman 2.1.4
NA
CVE-2004-0412
Mailman prior to 2.1.5 allows remote malicious users to obtain user passwords via a crafted email request to the Mailman server.
Gnu Mailman 2.1.3
Gnu Mailman 2.1.2
Gnu Mailman 2.1
Gnu Mailman 2.1b1
Gnu Mailman 2.1.1
Gnu Mailman 2.1.4
NA
CVE-2001-0884
Cross-site scripting vulnerability in Mailman email archiver prior to 2.08 allows malicious users to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.
Gnu Mailman 5.0
Gnu Mailman
Gnu Mailman 7.0
Gnu Mailman 5.1
Gnu Mailman 6.0
NA
CVE-2005-4153
Mailman 2.1.4 up to and including 2.1.6 allows remote malicious users to cause a denial of service via a message that causes the server to "fail with an Overflow on bad date data in a processed message," a different vulnerability than CVE-2005-3573.
Gnu Mailman 2.1.5
Gnu Mailman 2.1.6
Gnu Mailman 2.1.4
6.1
CVSSv3
CVE-2021-38354
The GNU-Mailman Integration WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the gm_error parameter found in the ~/includes/admin/mailing-lists-page.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including 1.0.6.
Gnu-mailman Integration Project Gnu-mailman Integration
NA
CVE-2003-0965
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman prior to 2.1.4 allows remote malicious users to steal session cookies and conduct unauthorized activities.
Gnu Mailman
NA
CVE-2001-1132
Mailman 2.0.x prior to 2.0.6 allows remote malicious users to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.
Gnu Mailman
NA
CVE-2001-0290
Vulnerability in Mailman 2.0.1 and previous versions allows list administrators to obtain user passwords.
Gnu Mailman
6.3
CVSSv3
CVE-2021-34337
An issue exists in Mailman Core prior to 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability ...
Gnu Mailman
6.5
CVSSv3
CVE-2018-13796
An issue exists in GNU Mailman prior to 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
Gnu Mailman
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »