13 matches found
TencentOS Server 3: dovecot (TSSA-2026:0376)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0376 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Important: Red Hat Security Advisory: dovecot security update
An update for dovecot is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...
ALSA-2026:19364 Important: dovecot security update
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...
RHEL 10 : dovecot (RHSA-2026:19149)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19149 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...
Important: dovecot security update
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...
Important: Red Hat Security Advisory: dovecot security update
An update for dovecot is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 9 : dovecot (RHSA-2026:17630)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17630 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...
RHEL 9 : dovecot (RHSA-2026:13857)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13857 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...
openSUSE 16 Security Update : dovecot24 (openSUSE-SU-2026:20554-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20554-1 advisory. - Update to v2.4.3 - CVE-2025-59028: Invalid base64 authentication can cause DoS for other logins bsc1260894. - CVE-2025-59031: decode2text.sh...
OESA-2026-1849 dovecot security update
Dovecot is an IMAP server for Linux/UNIX-like systemsa wrapper package that will just handle common things for all versioned dovecot packages. Security Fixes: Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can u...
[SECURITY] [DSA 6197-2] dovecot regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-6197-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 06, 2026 https://www.debian.org/security/faq -...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Dovecot vulnerabilities (USN-8136-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8136-1 advisory. It was discovered that Dovecot incorrectly handled invalid base64 SASL data. An attacker could possibly use this issue to cause a...
CVE-2025-59032
ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, making it unavailable for other users. Control access to ManageSieve port, or disable the service if it's not needed. Alternatively upgrade to a fixed...