Photon OS 5.0: Squid PHSA-2026-5.0-0819

An update of the squid package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0819. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Mageia: Security Advisory (MGASA-2026-0094)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CLSA-2026-1774947465 Fix CVE(s): CVE-2026-32748, CVE-2026-33515, CVE-2026-33526

SECURITY UPDATE: Denial of Service in ICP request handling via double rfc1738escape call causing heap use-after-free - debian/patches/CVE-2026-33526.patch: Remove redundant rfc1738escape call in icpGetRequest - CVE-2026-33526 SECURITY UPDATE: Denial of Service in ICP v3 query handling via...

CVE-2026-33515

creationtimestamp| type| source ---|---|--- 2026-03-25 06:10:59+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mhugkuk4fq27 2026-03-25 14:35:28+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mhvcqxgt2m2r 2026-03-26 03:17:40+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2026-33515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling ICP traffi...

MiracleLinux 8 : dovecot-2.3.16-2.el8 (AXSA:2022-3412:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3412:01 advisory. dovecot: plaintext commands injection CVE-2021-33515 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

Alibaba Cloud Linux 3 : 0197: dovecot (ALINUX3-SA-2022:0197)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0197 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-33515: The submission service in Dovecot...

Linux Distros Unpatched Vulnerability : CVE-2021-33515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled...

CVE-2024-33515

creationtimestamp| type| source ---|---|--- 2024-05-02 09:46:45+00:00| seen| https://www.cert.at/de/warnungen/2024/5/kritische-sicherheitslucken-in-arubaos-updates-verfugbar...

CVE-2021-33515 affecting package dovecot for versions less than 2.3.20-1

CVE-2021-33515 affecting package dovecot for versions less than 2.3.20-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-33515

SoftExpert Excellence Suite 2.1.9 is vulnerable to Cross Site Scripting XSS via query screens...

CVE-2023-33515

CVE-2023-33515 affects SoftExpert Excellence Suite version 2.1.9, with a reported Cross-Site Scripting (XSS) vulnerability exploitable via query screens. The issue is described across multiple sources as an XSS in SoftExpert Suite 2.1.9, and the commonly cited attack path involves input that is r...

CVE-2023-33515

SoftExpert Excellence Suite 2.1.9 is vulnerable to Cross Site Scripting XSS via query screens...

Debian: Security Advisory (DLA-3122-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CLSA-2022-1653506138 Fixed CVE-2021-33515 in dovecot

CVE-2021-33515: fix possible command injection by stopping reading commands when input was locked by the STARTTLS command...

Oracle Linux 8 : dovecot (ELSA-2022-1950)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1950 advisory. 1:2.3.16-2 - do not disable xz/lzma for now despite being deprecated 1:2.3.16-1 - dovecot updated to 2.3.16, pigeonhole to 0.5.16 - fix CVE-2021-33515 plaintext...

Rocky Linux 8 : dovecot (RLSA-2022:1950)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1950 advisory. - The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlle...

dovecot security update

1:2.3.16-2 - do not disable xz/lzma for now despite being deprecated 1:2.3.16-1 - dovecot updated to 2.3.16, pigeonhole to 0.5.16 - fix CVE-2021-33515 plaintext commands injection 1980014...

AlmaLinux 8 : dovecot (ALSA-2022:1950)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1950 advisory. - The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled...

Moderate: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...