CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2021-37746
https://notcve.org/view.php?id=CVE-2021-37746
30 Jul 2021 — textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click. La función textview_uri_security_check en el archivo textview.c en Claws Mail versiones anteriores a 3.18.0, y Sylpheed versiones hasta 3.7.0, no presenta suficientes comprobaciones de enlaces antes de aceptar un clic • https://claws-mail.org/download.php?file=releases/claws-mail-3.18.0.tar.xz • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.8EPSS: 3%CPEs: 3EXPL: 0CVE-2007-2958
https://notcve.org/view.php?id=CVE-2007-2958
27 Aug 2007 — Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies. Vulnerabilidad de formato de cadena en la función inc_put_error en src/inc.c en Sylpheed 2.4.4, y Sylpheed-Claws (Claws Mail) 1.9.100 y 2.10.0, permite a servidores POP3 remotos ejecutar código de su elección a través de especificaciones de formato de cadena en respue... • http://bugs.gentoo.org/show_bug.cgi?id=190104 •
CVSS: 9.1EPSS: 0%CPEs: 16EXPL: 0CVE-2006-2920
https://notcve.org/view.php?id=CVE-2006-2920
09 Jun 2006 — Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character. • http://secunia.com/advisories/20476 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 3%CPEs: 27EXPL: 0CVE-2005-0667
https://notcve.org/view.php?id=CVE-2005-0667
07 Mar 2005 — Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message. • http://secunia.com/advisories/14491 •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2003-0852
https://notcve.org/view.php?id=CVE-2003-0852
25 Oct 2003 — Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service (crash) in sylpheed via format strings in an error message. Vulnerabilidad de cadena de formato en send_message.c de Sylpheed-claws 0.9.4 a 0.9.6a permite a servidores SMTP remotos causar una denegación (caída) en sylpheed mediante cadenas de formato en un mensaje de error. • http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012542.html •