Search
Search Results (26 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-27442 | 1 Seppmail | 2 Seppmail, Seppmail Secure Email Gateway | 2026-04-16 | 7.5 High |
| The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway. | ||||
| CVE-2026-2748 | 1 Seppmail | 2 Seppmail, Seppmail Secure Email Gateway | 2026-04-16 | 5.3 Medium |
| SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing. | ||||
| CVE-2026-2743 | 1 Seppmail | 1 Seppmail | 2026-04-16 | 9.8 Critical |
| Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before | ||||
| CVE-2022-41871 | 1 Seppmail | 1 Seppmail | 2025-05-14 | 6 Medium |
| SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated attacker is able to execute arbitrary code in the context of the user root. | ||||
| CVE-2021-31739 | 1 Seppmail | 1 Seppmail | 2025-04-29 | 6.1 Medium |
| The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability (XSS), because user input is not correctly encoded in HTML attributes when returned by the server.SEPPmail 11.1.10 allows XSS via a recipient address. | ||||
| CVE-2021-31740 | 1 Seppmail | 1 Seppmail | 2025-04-25 | 6.1 Medium |
| SEPPMail's web frontend, user input is not embedded correctly in the web page and therefore leads to cross-site scripting vulnerabilities (XSS). | ||||