Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.13 views

TencentOS Server 3: dovecot (TSSA-2026:0376)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0376 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2026/05/20 2:10 a.m.16 views

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References4
OSV
OSV
added 2026/05/19 12:0 a.m.12 views

ALSA-2026:19364 Important: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.10 views

RHEL 10 : dovecot (RHSA-2026:19149)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19149 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
AlmaLinux
AlmaLinux
added 2026/05/19 12:0 a.m.11 views

Important: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.15 views

RHEL 9 : dovecot (RHSA-2026:17630)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17630 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-40030

Name of the Vulnerable Software and Affected Versions dovecot versions prior to 2.4.4-1.1 Description An attacker can cause uncontrolled memory usage via excessive bracing over IMAP. A previous fix was incomplete as it only blocked closing braces, allowing the memory limit to be bypassed using op...

9.1CVSS5.8AI score0.00454EPSS
Exploits0References30
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.13 views

Fedora 44 : dovecot (2026-4349d04c20)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4349d04c20 advisory. updated to 2.4.3 which includes several security fixes Tenable has extracted the preceding description block directly from the Fedora security...

7.5CVSS5.9AI score0.0079EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.13 views

Fedora 43 : dovecot (2026-51dba40a65)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-51dba40a65 advisory. updated to 2.4.3 which includes several security fixes Tenable has extracted the preceding description block directly from the Fedora security...

7.5CVSS5.9AI score0.0079EPSS
Exploits1References3
OSV
OSV
added 2026/05/05 10:59 a.m.13 views

CLSA-2026-1777978787 dovecot: Fix of CVE-2026-27857

CVE-2026-27857: limit the number of open IMAP parser lists in imap-login to prevent excessive memory usage from deeply nested parentheses e.g. NOOP...

7.5CVSS5.8AI score0.00667EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.7 views

RHEL 9 : dovecot (RHSA-2026:13857)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13857 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
Amazon
Amazon
added 2026/04/30 12:0 a.m.11 views

Important: dovecot

Issue Overview: Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the configured credentials. Figuring out the credential will lead into full access to the affected component. Limit access to the doveadm ht...

7.5CVSS5.6AI score0.00667EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.9 views

openSUSE 16 Security Update : dovecot24 (openSUSE-SU-2026:20554-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20554-1 advisory. - Update to v2.4.3 - CVE-2025-59028: Invalid base64 authentication can cause DoS for other logins bsc1260894. - CVE-2025-59031: decode2text.sh...

8.2CVSS5.9AI score0.0079EPSS
Exploits6References30
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.5 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Dovecot vulnerabilities (USN-8136-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8136-1 advisory. It was discovered that Dovecot incorrectly handled invalid base64 SASL data. An attacker could possibly use this issue to cause a...

8.2CVSS6AI score0.0079EPSS
Exploits7References12
OSV
OSV
added 2026/03/27 9:16 a.m.5 views

DEBIAN-CVE-2026-27857

Sending "NOOP ..." command with 4000 parenthesis open+close results in 1MB extra memory usage. Longer commands will result in client disconnection. This 1 MB can be left allocated for longer time periods by not sending the command ending LF. So attacker could connect possibly from even a single I...

7.5CVSS5.4AI score0.00667EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/03/27 8:10 a.m.3 views

CVE-2026-27857

Sending "NOOP ..." command with 4000 parenthesis open+close results in 1MB extra memory usage. Longer commands will result in client disconnection. This 1 MB can be left allocated for longer time periods by not sending the command ending LF. So attacker could connect possibly from even a single I...

7.5CVSS5.4AI score0.00667EPSS
Exploits1
OSV
OSV
added 2026/03/27 12:0 a.m.6 views

UBUNTU-CVE-2026-27857

Sending "NOOP ..." command with 4000 parenthesis open+close results in 1MB extra memory usage. Longer commands will result in client disconnection. This 1 MB can be left allocated for longer time periods by not sending the command ending LF. So attacker could connect possibly from even a single I...

7.5CVSS5.8AI score0.00667EPSS
Exploits1References3
Rows per page
Query Builder