Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
email security vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-3992
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trig...
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Esxi 7.0.0
Vmware Cloud Foundation
3 Github repositories
1 Article
10
CVSSv2
CVE-2020-12395
Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vuln...
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
10
CVSSv2
CVE-2020-7247
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote malicious users to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncomm...
Openbsd Opensmtpd 6.6
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
9 Github repositories
1 Article
10
CVSSv2
CVE-2019-11708
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result ...
Mozilla Firefox Esr
Mozilla Firefox
Mozilla Thunderbird
1 EDB exploit
5 Github repositories
1 Article
10
CVSSv2
CVE-2018-6229
A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an malicious user to execute SQL commands to upload and execute arbitrary code that may harm the target system.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
10
CVSSv2
CVE-2018-6228
A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an malicious user to execute SQL commands to upload and execute arbitrary code that may harm the target system.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
10
CVSSv2
CVE-2018-4872
An issue exists in Adobe Acrobat Reader 2018.009.20050 and previous versions versions, 2017.011.30070 and previous versions versions, 2015.006.30394 and previous versions versions. This vulnerability is a security bypass vulnerability that leads to a sandbox escape. Specifically,...
Adobe Acrobat Reader
Adobe Acrobat Dc
Adobe Acrobat Reader Dc
Adobe Acrobat
1 Article
10
CVSSv2
CVE-2017-12379
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper in...
Debian Debian Linux 7.0
Clamav Clamav
10
CVSSv2
CVE-2017-12377
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper in...
Debian Debian Linux 7.0
Clamav Clamav
10
CVSSv2
CVE-2017-16844
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a differ...
Procmail Procmail 3.22
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »