Search CVE reports


Toggle filters

1 – 7 of 7 results


CVE-2021-37746

Medium priority
Needs evaluation

textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click.

2 affected packages

claws-mail, sylpheed

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
claws-mail Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
sylpheed Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2017-17517

Medium priority
Vulnerable

libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

1 affected packages

sylpheed

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sylpheed Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2007-2958

Unknown priority
Fixed

Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in...

4 affected packages

claws-mail, sylpheed, sylpheed-claws, sylpheed-claws-gtk2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
claws-mail
sylpheed
sylpheed-claws
sylpheed-claws-gtk2
Show less packages

CVE-2007-1267

Negligible priority
Ignored

Sylpheed 2.2.7 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Sylpheed from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components,...

1 affected packages

sylpheed

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sylpheed
Show less packages

CVE-2006-2920

Unknown priority

Some fixes available 14 of 17

Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character.

4 affected packages

claws-mail, sylpheed-claws, sylpheed-claws-gtk2, sylpheed-gtk1

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
claws-mail
sylpheed-claws
sylpheed-claws-gtk2
sylpheed-gtk1
Show less packages

CVE-2005-3354

Unknown priority
Fixed

Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines.

3 affected packages

nbd, sylpheed, sylpheed-claws

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
nbd
sylpheed
sylpheed-claws
Show less packages

CVE-2005-0926

Unknown priority
Not affected

Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attachments with MIME-encoded file names.

1 affected packages

sylpheed

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sylpheed
Show less packages