Vulnerabilities > GNU > Mailman > 2.1b1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-15 | CVE-2021-34337 | Unspecified vulnerability in GNU Mailman An issue was discovered in Mailman Core before 3.3.5. | 6.3 |
2006-09-06 | CVE-2006-3636 | Multiple Security vulnerability in GNU Mailman Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. network gnu | 6.8 |
2006-09-06 | CVE-2006-2941 | Multiple Security vulnerability in GNU Mailman Mailman before 2.1.9rc1 allows remote attackers to cause a denial of service via unspecified vectors involving "standards-breaking RFC 2231 formatted headers". | 5.0 |
2006-03-31 | CVE-2006-0052 | Denial Of Service vulnerability in GNU Mailman Attachment Scrubber Malformed MIME Message The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary and the end boundary. | 5.0 |
2005-05-02 | CVE-2005-0202 | Unspecified vulnerability in GNU Mailman Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences. | 5.0 |
2005-01-10 | CVE-2004-1177 | Unspecified vulnerability in GNU Mailman Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. network gnu | 4.3 |
2004-12-31 | CVE-2004-1143 | Unspecified vulnerability in GNU Mailman The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack. | 7.5 |
2004-08-18 | CVE-2004-0412 | Password Retrieval vulnerability in GNU Mailman Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | 5.0 |