Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.9 views

openSUSE 16 Security Update : dovecot24 (openSUSE-SU-2026:20554-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20554-1 advisory. - Update to v2.4.3 - CVE-2025-59028: Invalid base64 authentication can cause DoS for other logins bsc1260894. - CVE-2025-59031: decode2text.sh...

8.2CVSS5.9AI score0.0079EPSS
Exploits6References30
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.5 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Dovecot vulnerabilities (USN-8136-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8136-1 advisory. It was discovered that Dovecot incorrectly handled invalid base64 SASL data. An attacker could possibly use this issue to cause a...

8.2CVSS6AI score0.0079EPSS
Exploits7References12
NVD
NVD
added 2026/03/27 9:16 a.m.4 views

CVE-2026-27860

If authusernamechars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication. This leads to potentially bypassing restrictions and allows probing of LDAP structure. Do not clear out authusernamechars, or install fixed version. No publicly available exploits are...

5.3CVSS0.00286EPSS
Exploits1References1
OSV
OSV
added 2026/03/27 9:16 a.m.3 views

DEBIAN-CVE-2026-27860

If authusernamechars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication. This leads to potentially bypassing restrictions and allows probing of LDAP structure. Do not clear out authusernamechars, or install fixed version. No publicly available exploits are...

5.3CVSS5.5AI score0.00286EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/27 8:10 a.m.25 views

CVE-2026-27860

If authusernamechars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication. This leads to potentially bypassing restrictions and allows probing of LDAP structure. Do not clear out authusernamechars, or install fixed version. No publicly available exploits are...

3.7CVSS0.00286EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/03/27 8:10 a.m.2 views

CVE-2026-27860

If authusernamechars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication. This leads to potentially bypassing restrictions and allows probing of LDAP structure. Do not clear out authusernamechars, or install fixed version. No publicly available exploits are...

5.3CVSS5.4AI score0.00286EPSS
Exploits1
Rows per page
Query Builder