[SECURITY] Fedora 44 Update: dovecot-2.4.4-1.fc44

Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages...

RLSA-2026:19364 Important: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVE-2026-33603

Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection. If successful, the attacker can eavesdrop communications between Dovecot and...

RHEL 8 : dovecot (RHSA-2026:13830)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13830 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

[SECURITY] Fedora 43 Update: dovecot-2.4.1-6.fc43

Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages...

EUVD-2019-3172

Malware in sbrugna...

OESA-2024-2009 dovecot security update

Dovecot is an IMAP server for Linux/UNIX-like systemsa wrapper package that will just handle common things for all versioned dovecot packages. Security Fixes: CVE-2024-23184 CVE-2024-23185...

SUSE CVE-2019-11499

In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message...

Email Bug Allows Message Snooping, Credential Theft

Researchers warn hackers can snoop on email messages by exploiting a bug in the underlying technology used by the majority of email servers that run the Internet Message Access Protocol, commonly referred to as IMAP. The bug, first reported in August 2020 and patched Monday, is tied to the email...

The vulnerability of the Dovecot mail server, related to incorrect validation of input data, allows a hacker to cause malfunctions in the authentication service.

The vulnerability of the Dovecot mail server is related to incorrect validation of input data. Exploiting this vulnerability can allow a remote attacker to cause malfunctions in the authentication service by sending a specially formatted NTLM request...

The vulnerability of the Internet Message Access Protocol (IMAP) implementation in the Dovecot mail server allows a attacker to cause a service failure.

The vulnerability of the Internet Message Access Protocol IMAP implementation in the Dovecot mail server is related to the use of a zero pointer. Exploiting this vulnerability could allow an attacker to cause service failures remotely...

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

DEBIAN-CVE-2019-11494

In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login service crashes when the client disconnects prematurely during the AUTH command...

The vulnerability of the Dovecot mail server, which allows a remote attacker to cause a service failure

The Dovecot software contains a bug in the implementation of the IMAP protocol /imap/cmd-append.c. A malicious actor can cause a service failure by using a specially crafted network packet with an incorrectly set “APPEND” parameter, thereby causing the software to enter an infinite loop...

Exim / Dovecot Command Execution

Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution During a penetration test a typical misconfiguration was found in the way Dovecot is used as a local delivery agent by Exim. A common use case for the Dovecot IMAP and POP3 server is the use of Dovecot as a...

Debian Security Advisory DSA 1516-1 (dovecot)

The remote host is missing an update to dovecot announced via advisory DSA 1516-1. OpenVAS Vulnerability Test $Id: deb15161.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1516-1 dovecot Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Dovecot IMAP/POP3 server off-by-one buffer overflow

No description provided...