📄 Dovecot MIME Parameter CPU Exhaustion

This Metasploit module targets a denial of service vulnerability in the Dovecot LMTP service caused by excessive CPU consumption. ================================================================================================================================== | Title : Dovecot MIME Parameter CPU...

openSUSE 16 Security Update : dovecot24 (openSUSE-SU-2026:20554-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20554-1 advisory. - Update to v2.4.3 - CVE-2025-59028: Invalid base64 authentication can cause DoS for other logins bsc1260894. - CVE-2025-59031: decode2text.sh...

CVE-2026-27859

creationtimestamp| type| source ---|---|--- 2026-03-27 12:09:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mi23k4xfpy27...

DEBIAN-CVE-2026-27859

A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed...

CVE-2026-27859

A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed...

CVE-2026-27859

A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed...

CVE-2023-27859

IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. A user could exploit this by installing a malicious jar file that overwrites the existing like named jar file in another database. IBM X-Force ID:...

CVE-2024-27859

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution...

CVE-2024-27859

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution...

CVE-2024-27859

creationtimestamp| type| source ---|---|--- 2025-02-10 18:18:19+00:00| seen| https://infosec.exchange/users/cve/statuses/113980964748069947 2025-02-10 18:47:03+00:00| seen| https://infosec.exchange/users/vuldb/statuses/113981077764064439 2025-02-10 19:16:02+00:00| seen|...

CVE-2024-27859

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution...

CVE-2024-27859

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution...

CVE-2020-27859

This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetEuaLogDownloadAction class. The issue results from the lack of...

Security Bulletin: There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Management products.

Summary IBM Application Performance Management is vulnerable to denial of service, remote code execution, information disclosures and other vulnerabilities due to bundled product IBM ® Db2. This bulletin identifies the steps to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-471...

Security Bulletin: IBM Db2 and IBM Java SDK used by IBM Security Verify Governance - Identity Manager have multiple vulnerabilities

Summary Information about security vulnerabilities affecting IBM DB2 and IBM Java has been published in security bulletins. IBM Security Verify Governance - Identity Manager ships with IBM DB2 and IBM Java SDK. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server

Summary IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 have been published in a security bulletin CVE-2023-47158, CVE-2023-47145, CVE-2023-47747, CVE-2023-27859, CVE-2023-47746, CVE-2023-47152, CVE-2023-47141, CVE-2023-45193,...

CVE-2023-27859

creationtimestamp| type| source ---|---|--- 2024-01-22 21:31:19+00:00| seen| https://t.me/ctinow/171438...

CVE-2023-27859

Summary: CVE-2023-27859 affects IBM Db2 on Linux/UNIX/Windows (Db2 10.1, 10.5, 11.1) where a remote attacker could execute arbitrary code by installing a malicious jar that overwrites a like-named jar across databases. The underlying issue is a jar-file installation/overwrite path that spans mult...

CVE-2022-27859

creationtimestamp| type| source ---|---|--- 2022-06-15 18:26:23+00:00| seen| https://t.me/cibsecurity/44521...

CVE-2022-27859

Multiple Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerabilities in Nicdark d.o.o. Travel Management plugin = 2.0 at WordPress...