Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Positive Technologies
Positive Technologiesadded 2025/01/01 12:0 a.m.1 views

PT-2025-54917

Name of the Vulnerable Software and Affected Versions Dovecot versions prior to 2.4.3 Description Sending invalid base64 SASL data can disrupt the login process by disconnecting it from the authentication server, leading to the failure of all active authentication sessions. This can be used to...

8.2CVSS5.8AI score0.0009EPSS
Exploits7References47
OSV
OSVadded 2024/09/10 3:15 p.m.1 views

ALPINE-CVE-2024-23185

Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, it starts building up "fullvalue" buffer out of the smaller chunks. The fullvalue buffer has no si...

7.5CVSS7.2AI score0.00656EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/09/10 2:38 p.m.11 views

CVE-2024-23185

Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, it starts building up "fullvalue" buffer out of the smaller chunks. The fullvalue buffer has no si...

7.5CVSS7.3AI score0.00656EPSS
Exploits1References1
SUSE CVE
SUSE CVEadded 2023/02/15 6:13 a.m.1 views

SUSE CVE-2006-5973

Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmapdisable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service crash via unspecified vectors involving the cache file...

5CVSS7.2AI score0.02681EPSS
Exploits0References4
Microsoft CVE
Microsoft CVEadded 2022/01/19 8:0 a.m.4 views

The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address.

...

5.8CVSS7AI score0.05864EPSS
Exploits0
OpenVAS
OpenVASadded 2009/12/02 12:0 a.m.31 views

Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability

This host has Dovecot installed and is prone to Security Bypass Vulnerability OpenVAS Vulnerability Test $Id: gbdovecotbasedirsecbypassvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ Description: Dovecot 'basedir' Insecure Permissions Security Bypass Vulnerability Authors: Antu Sanadi Copyright:...

4.6CVSS5.3AI score0.00083EPSS
Exploits0References3
OpenVAS
OpenVASadded 2009/09/23 12:0 a.m.16 views

Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities

This host has Dovecot Sieve Plugin installed and is prone to multiple Buffer Overflow Vulnerabilities OpenVAS Vulnerability Test $Id: secpoddovecotsievemultbofvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities Authors: Antu Sanadi Copyright:...

7.5CVSS0.7AI score0.02782EPSS
Exploits0References3
Rows per page
Query Builder