Latest version: v3.3.10
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2011-5024 | 62099 |
Cross-site scripting (XSS) vulnerability in mmsearch/design in the Ma… |
|
MEDIUM | 4.3 |
| CVE-2021-34337 | 62720 |
An issue was discovered in Mailman Core before 3.3.5. An attacker wit… |
|
MEDIUM | 6.3 |
| CVE-2006-3636 | 61166 |
Multiple cross-site scripting (XSS) vulnerabilities in Mailman before… |
|
MEDIUM | 6.8 |
| CVE-2006-4624 | 61167 |
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 a… |
|
LOW | 2.6 |
| CVE-2006-2941 | 61165 |
Mailman before 2.1.9rc1 allows remote attackers to cause a denial of … |
|
MEDIUM | 5.0 |
| CVE-2006-1712 | 61164 |
Cross-site scripting (XSS) vulnerability in the private archive scrip… |
|
LOW | 2.6 |
| CVE-2004-0412 | 61160 |
Mailman before 2.1.5 allows remote attackers to obtain user passwords… |
|
MEDIUM | 5.0 |
| CVE-2005-0080 | 61156 |
The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.1… |
|
MEDIUM | 5.0 |
| CVE-2005-4153 | 61158 |
Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial… |
|
HIGH | 7.8 |
| CVE-2003-0965 | 61178 |
Cross-site scripting (XSS) vulnerability in the admin CGI script for … |
|
MEDIUM | 6.8 |
| CVE-2021-43332 | 62684 |
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py a… |
|
MEDIUM | 6.5 |
| CVE-2021-43331 | 62686 |
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py use… |
|
MEDIUM | 6.1 |
| CVE-2021-42096 | 62669 |
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A ce… |
|
MEDIUM | 4.3 |
| CVE-2021-42097 | 62668 |
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A cs… |
|
HIGH | 8.0 |
| CVE-2020-15011 | 70582 |
GNU Mailman before 2.1.33 allows arbitrary content injection via the … |
|
MEDIUM | 4.3 |
| CVE-2020-12108 | 70585 |
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Conten… |
|
MEDIUM | 6.5 |
| CVE-2003-0992 | 61180 |
Cross-site scripting (XSS) vulnerability in the create CGI script for… |
|
MEDIUM | 4.3 |
| CVE-2018-13796 | 36319 |
Unspecified vulnerability in Mailman before 2.1.28 has unknown impact… |
|
MEDIUM | 6.5 |
| CVE-2018-5950 | 66995 |
Cross-site scripting (XSS) vulnerability in the web UI in Mailman bef… |
|
MEDIUM | 6.1 |
| CVE-2018-0618 | 36348 |
Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allo… |
|
MEDIUM | 5.4 |
| CVE-2016-6893 | 65818 |
Cross-site request forgery (CSRF) vulnerability in the user options p… |
|
HIGH | 8.8 |
| CVE-2015-2775 | 25881 |
Directory traversal vulnerability in GNU Mailman before 2.1.20, when … |
|
HIGH | 7.6 |
| CVE-2010-3089 | 25880 |
Mailman 2.1.14rc1 includes a fix for CVE-2010-3089: Multiple security… |
|
LOW | 3.5 |
| CVE-2011-0707 | 25879 |
Mailman 2.1.14 includes a fix for CVE-2011-0707: Three XSS flaws due … |
|
MEDIUM | 4.3 |
| CVE-2016-7123 | 70520 |
Cross-site request forgery (CSRF) vulnerability in the admin web inte… |
|
HIGH | 8.8 |
| CVE-2003-0038 | 61177 |
Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.… |
|
MEDIUM | 4.3 |
| CVE-2001-1132 | 61174 |
Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to … |
|
HIGH | 7.5 |
| CVE-2005-3573 | 61157 |
Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 characte… |
|
MEDIUM | 5.0 |
| CVE-2020-12137 | 70735 |
GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed ap… |
|
MEDIUM | 6.1 |
| CVE-2003-0991 | 61179 |
Unknown vulnerability in the mail command handler in Mailman before 2… |
|
MEDIUM | 5.0 |
| CVE-2002-0855 | 61176 |
Cross-site scripting vulnerability in Mailman before 2.0.12 allows re… |
|
HIGH | 7.5 |
| CVE-2004-0182 | 61159 |
Mailman before 2.0.13 allows remote attackers to cause a denial of se… |
|
MEDIUM | 5.0 |
| CVE-2002-0388 | 61175 |
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow r… |
|
HIGH | 7.5 |
| CVE-2001-0290 | 61170 |
Vulnerability in Mailman 2.0.1 and earlier allows list administrators… |
|
MEDIUM | 4.6 |
| CVE-2000-0701 | 61168 |
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properl… |
|
MEDIUM | 4.6 |
| CVE-2000-0861 | 61169 |
Mailman 1.1 allows list administrators to execute arbitrary commands … |
|
HIGH | 7.2 |
| CVE-2004-1177 | 61162 |
Cross-site scripting (XSS) vulnerability in the driver script in mail… |
|
MEDIUM | 4.3 |
| CVE-2004-1143 | 61161 |
The password generation in mailman before 2.1.5 generates only 5 mill… |
|
HIGH | 7.5 |
| CVE-2006-0052 | 61163 |
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, w… |
|
MEDIUM | 5.0 |
| CVE-2021-44227 | 54192 |
In GNU Mailman before 2.1.38, a list member or moderator can get a CS… |
|
HIGH | 8.8 |