CVE-2025-12674

creationtimestamp| type| source ---|---|--- 2025-11-05 09:01:36+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m4uot2g3672s 2025-11-05 09:37:05+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m4uqq2z2xyc2 2025-11-05 09:40:49+00:00| seen|...

WordPress KiotViet Sync plugin <= 1.8.5 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by kr0d in WordPress Plugin KiotViet Sync versions = 1.8.5...

CLSA-2025-1758896552 dovecot: Fix of CVE-2020-12674

CVE-2020-12674: fix mishandling of zero length in RPA request to prevent auth service crash...

CLSA-2025-1758820840 dovecot: Fix of CVE-2020-12674

CVE-2020-12674: fix mishandling of zero length in RPA request to prevent auth service crash...

Oracle Linux 9 : qemu-kvm (ELSA-2024-12674)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12674 advisory. - hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs Philippe Mathieu-Daude Orabug: 36869694 CVE-2024-3446 - hw/char/virtio-serial-bus: Protec...

SUSE CVE-2020-12674

In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled...

SUSE: Security Advisory (SUSE-SU-2020:2267-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:0028-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:2274-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:2266-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL MAIN 6.02 : dovecot Multiple Vulnerabilities (NS-SA-2021-0054)

The remote NewStart CGSL host, running version MAIN 6.02, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource consumption via a...

SUSE SLES15 Security Update : dovecot23 (SUSE-SU-2021:0028-1)

This update for dovecot23 fixes the following issues : Security issues fixed : CVE-2020-12100: Fixed a resource exhaustion caused by deeply nested MIME parts bsc1174920. CVE-2020-12673: Fixed an improper implementation of NTLM that did not check the message buffer size bsc1174922. CVE-2020-12674:...

Security fix for the ALT Linux 9 package dovecot version 2.3.11.3-alt1

2.3.11.3-alt1 built Dec. 7, 2020 Aleksei Nikiforov in task 262166 Nov. 19, 2020 Aleksei Nikiforov - Updated to 2.3.11.3 Fixes: CVE-2020-12100, CVE-2020-12673, CVE-2020-12674...

dovecot security update

1:2.3.8-4 - fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts 1866756 - fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation 1866761 - fix CVE-2020-12674 crash due to assert in RPA implementation 1866768 1:2.3.8-3 - fix CVE-2020-10957 dovecot: malformed NOOP...

Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2020-2340)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2020-2152)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2020-2117)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for dovecot (FEDORA-2020-b8ebc4201e)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Amazon Linux 2 : dovecot (ALAS-2020-1489)

The version of dovecot installed on the remote host is prior to 2.2.36-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1489 advisory. In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zer...

Important: dovecot

Issue Overview: In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled. A flaw was found in dovecot. An attacker can use the way dovecot handles RPA Remote Passphrase Authentication to crash the authentication proce...