CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 1CVE-2019-10740
https://notcve.org/view.php?id=CVE-2019-10740
07 Apr 2019 — In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker. En Roundcube Webmail en versiones... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.1EPSS: 31%CPEs: 2EXPL: 0CVE-2018-19206 – Debian Security Advisory 4344-1
https://notcve.org/view.php?id=CVE-2018-19206
12 Nov 2018 — steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of <svg><style>, as demonstrated by an onload attribute in a BODY element, within an HTML attachment. steps/mail/func.inc en Roundcube en versiones anteriores a la 1.3.8 tiene Cross-Site Scripting (XSS) mediante el uso manipulado de Aidan Marlin discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling invalid style tag content. • https://github.com/roundcube/roundcubemail/releases/tag/1.3.8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-19205
https://notcve.org/view.php?id=CVE-2018-19205
12 Nov 2018 — Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection warnings, which makes it easier for attackers to obtain sensitive information, a related issue to CVE-2017-17688. This is associated with plugins/enigma/lib/enigma_driver_gnupg.php. Roundcube en versiones anteriores a la 1.3.7 gestiona de manera incorrecta las advertencias de integridad/protección GnuPG MDC, lo que facilita que los atacantes obtengan información sensible. Esto está relacionado con CVE-2017-17688. Esto está asociado con plugins... • https://github.com/roundcube/roundcubemail/releases/tag/1.3.7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 40%CPEs: 2EXPL: 0CVE-2018-9846 – Debian Security Advisory 4181-1
https://notcve.org/view.php?id=CVE-2018-9846
07 Apr 2018 — In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "_uid" parameter (in an archive.php _task=mail&_mbox=INBOX&_action=plugin.move2archive request) to perform an MX (IMAP) injection attack by placing an IMAP command after a %0d%0a sequence. NOTE: this is less easily exploitable in 1.3.4 and later because of a Same Origin Policy protection mechanism. En Roundcube, de las versiones 1.2.0 a 1.3.5, con el plugin arc... • https://github.com/roundcube/roundcubemail/issues/6229 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-1000071
https://notcve.org/view.php?id=CVE-2018-1000071
13 Mar 2018 — roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in enigma plugin that can result in exfiltration of gpg private key. This attack appear to be exploitable via network connectivity. roundcube, en versiones 1.3.4 y anteriores, contiene una vulnerabilidad de permisos inseguros en el plugin enigma que puede resultar en la exfiltración de la clave privada gpgp. Este ataque parece ser explotable mediante conectividad de red. • https://github.com/roundcube/roundcubemail/issues/6173 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 1%CPEs: 13EXPL: 5CVE-2017-16651 – Roundcube Webmail File Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-16651
09 Nov 2017 — Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests. Roundcube Webmail, en versiones a... • https://packetstorm.news/files/id/180675 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2015-5382
https://notcve.org/view.php?id=CVE-2015-5382
23 May 2017 — program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via the _alt parameter when uploading a vCard. program/steps/addressbook/photo.inc en Roundcube Webmail, en versiones anteriores a la 1.0.6 y 1.1.x anteriores a la 1.1.2, permitiría a usuarios remotos autenticados leer ficheros arbitrarios a través del parámetro _alt parameter cuando cargamos una vCard. • http://www.openwall.com/lists/oss-security/2015/07/07/2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2015-5381
https://notcve.org/view.php?id=CVE-2015-5381
23 May 2017 — Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter to the default URI. Vulnerabilidad de tipo Cross-site scripting (XSS) en program/include/rcmail.php en Roundcube Webmail, versiones 1.1.x anteriores a la 1.1.2, que permitiría a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro _mbox en la URI por defecto. • http://trac.roundcube.net/ticket/1490417 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2015-5383
https://notcve.org/view.php?id=CVE-2015-5383
23 May 2017 — Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory. Roundcube Webmail versiones 1.1.x anteriores a la 1.1.2, permitiría a atacantes remotos obtener información sensible a través de la lectura de ficheros en los directorios (1) config, (2) temp, o (3) logs. • http://www.openwall.com/lists/oss-security/2015/07/07/2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2017-8114 – Gentoo Linux Security Advisory 201707-11
https://notcve.org/view.php?id=CVE-2017-8114
29 Apr 2017 — Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin. Roundcube Webmail permite reinicios de contraseña arbitrarios por usuarios autenticados. Esto afecta a las versiones anteriores a la 1.0.11, entre la 1.1.x y la 1.1.9 y entre la 1.2.x y la 1.2.5. • http://www.securityfocus.com/bid/98445 • CWE-269: Improper Privilege Management •