Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to configure encryption or signing for certain outbound e-mail, and possibly. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.
The web framework in the server in Cisco Unified MeetingPlace Web Conferencing allows remote attackers to bypass intended access restrictions and read unspecified web pages via crafted parameters,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled with a "Sign by default" queue configuration, uses a queue's key for signing, which might allow remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.