Aggregates CVE and security vulnerability intelligence across all rediff-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk denial of service and related problems; some flaws may lead to vendor impact application crash and vendor impact file overwrite, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2019-11836 | The Rediffmail (aka com.rediff.mail.and) application 2.2.6 for Android has cleartext mail content in file storage, persisting after a logout. | [email protected] | 4.6 | 0.03% | 2019-05-09 | 2024-11-21 |
| CVE-2007-1402 | The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments. | [email protected] | 7.5 | 3.49% | 2007-03-10 | 2026-04-23 |
| CVE-2006-6838 | Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to execute arbitrary files, and obtain sensitive information (usernames and pathnames), via a URL in the url vbscript parameter. | [email protected] | 7.5 | 3.38% | 2006-12-31 | 2026-04-23 |