All vulnerabilities
11 / 11
Sort
5.3
CVE-2017-17689DEB
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that c…
2017-01-01Pre-auth
EPSS4.2%
pct 89
4.3
CVE-2016-7966DEB
Through a malicious URL that contained a quote character it was possible to inject HTML code in…
2016-01-01Pre-auth
EPSS2.3%
pct 81
6.3
CVE-2016-7967DEB
KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the…
2016-01-01Pre-auth
EPSS1.9%
pct 77
5.4
CVE-2017-9604DEB
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 1…
2017-01-01Pre-auth
EPSS1.3%
pct 66
5.9
CVE-2014-8878DEB
KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which …
2014-01-01Pre-auth
EPSS1.2%
pct 64
4.3
CVE-2016-7968DEB
KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail…
2016-01-01Pre-auth
EPSS1.2%
pct 63
6.5
CVE-2020-11880DEB
An issue was discovered in KDE KMail before 19.12.3. By using the proprietary (non-RFC6068) "ma…
2020-01-01Pre-auth
EPSS0.9%
pct 53
6.5
CVE-2020-15954DEB
KDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 communication during times when the …
2020-01-01Pre-auth
EPSS0.7%
pct 46
4.3
CVE-2019-10732DEB
In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them a…
2019-01-01Pre-auth
EPSS0.6%
pct 43
6.5
CVE-2021-38373DEB
In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messa…
2021-01-01
EPSS0.5%
pct 40
5.9
CVE-2024-50624ANC
ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of…
2024-01-01
EPSS0.2%
pct 16
Select a vulnerability on the left to open the preview.