Blixhq

blixhq

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Bluemail

bluemail

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-65319 1Blixhq 1Bluemail Dec 31, 2025 Dec 16, 2025 N/A· v4 9.1 CRITICAL· v3 N/A· v2 When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms...Show more When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software.Show less
CVE-2019-12367 1Blixhq 1Bluemail Nov 21, 2024 Mar 18, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The BlueMail application through 1.9.5.36 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2025-65319

1Blixhq

1Bluemail

Dec 31, 2025

Dec 16, 2025

N/A· v4

9.1 CRITICAL· v3

N/A· v2

When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms...Show more

CVE-2019-12367

1Blixhq

1Bluemail

Nov 21, 2024

Mar 18, 2020

N/A· v4

6.1 MEDIUM· v3

4.3 MEDIUM· v2

The BlueMail application through 1.9.5.36 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission.