Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
email-address project email-address vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-7686
Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and previous versions for Perl allows remote malicious users to cause a denial of service (CPU consumption) via a crafted string containing a list of e-mail addresses in conjunction with parenthe...
Email-address Project Email-address
7.5
CVSSv3
CVE-2018-12558
The parse() method in the Email::Address module up to and including 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters ("\f"...
Email Address Module Project
NA
CVE-2014-4720
Email::Address module prior to 1.904 for Perl uses an inefficient regular expression, which allows remote malicious users to cause a denial of service (CPU consumption) via vectors related to "backtracking into the phrase," a different vulnerability than CVE-2014-0477.
Email Address Module Project
NA
CVE-2014-0477
The parse function in Email::Address module prior to 1.905 for Perl uses an inefficient regular expression, which allows remote malicious users to cause a denial of service (CPU consumption) via an empty quoted string in an RFC 2822 address.
Email Address Module Project
Fedoraproject Fedora
6.1
CVSSv3
CVE-2017-11503
PHPMailer 5.2.23 has XSS in the "From Email Address" and "To Email Address" fields of code_generator.php.
Phpmailer Project Phpmailer 5.2.23
9.8
CVSSv3
CVE-2022-3477
The tagDiv Composer WordPress plugin prior to 3.5, required by the Newspaper WordPress theme prior to 12.1 and Newsmag WordPress theme prior to 5.2.2, does not properly implement the Facebook login feature, allowing unauthenticated malicious users to login as any user by just kno...
Tagdiv Composer Project Tagdiv Composer
Newsmag Project Newsmag
Newspaper Project Newspaper
6.1
CVSSv3
CVE-2017-15612
mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such as in java\nscript:) or a crafted email address, related to the escape and autolink functions.
Mistune Project Mistune 0.7.4
5.4
CVSSv3
CVE-2021-24478
The Bookshelf WordPress plugin up to and including 2.0.4 does not sanitise or escape its "Paypal email address" setting before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting issue
Bookshelf Project Bookshelf
5.9
CVSSv3
CVE-2019-13240
An issue exists in GLPI prior to 9.4.1. After a successful password reset by a user, it is possible to change that user's password again during the next 24 hours without any information except the associated email address.
Glpi-project Glpi
5.3
CVSSv3
CVE-2022-2834
The Helpful WordPress plugin prior to 4.5.26 puts the exported logs and feedbacks in a publicly accessible location and guessable names, which could allow malicious users to download them and retrieve sensitive information such as IP, Names and Email Address depending on the plug...
Helpful Project Helpful
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »