Lucene search
K

2317 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.11 views

RHEL 9 : dovecot (RHSA-2026:19364)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19364 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.10 views

RHEL 10 : dovecot (RHSA-2026:19149)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19149 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
AlmaLinux
AlmaLinux
added 2026/05/19 12:0 a.m.12 views

Important: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
RedhatCVE
RedhatCVE
added 2026/05/18 3:4 p.m.14 views

CVE-2026-40020

A flaw was found in dovecot. A remote attacker can exploit the Internet Message Access Protocol IMAP SETACL command to inject "anyone" permissions into a user's dovecot-acl file, even when the imapaclallowanyone setting is disabled. This vulnerability allows an attacker to spam folders to all...

6.5CVSS5.7AI score0.00271EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/18 2:57 p.m.16 views

CVE-2026-33603

A flaw was found in Dovecot. An attacker, positioned as a Man-in-the-Middle MITM between Dovecot and a client, can exploit a specially crafted base64 exchange to fake SCRAM TLS channel binding. This allows the attacker to eavesdrop on communications between Dovecot and the client, leading to...

6.8CVSS5.7AI score0.00222EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/18 12:39 p.m.12 views

dovecot: denial of service via crafted message before authentication

A flaw was found in dovecot. An unauthenticated and remote attacker can send a crafted message that causes managesieve to allocate an excessive amount of memory, forcing managesieve-login to be unavailable by repeatedly crashing the process, resulting in a denial of service...

7.5CVSS5.8AI score0.0079EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/18 12:39 p.m.11 views

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2026/05/18 12:39 p.m.10 views

dovecot: denial of service via specially crafted NOOP command

A flaw was found in dovecot. An unauthenticated and remote attacker can send a specially crafted "NOOP" command containing numerous open and close parentheses without a command-ending line feed, causing the server to allocate an excessive amount of memory, resulting in a denial of service...

7.5CVSS5.8AI score0.00667EPSS
Exploits1References5
Packet Storm News
Packet Storm News
added 2026/05/18 12:0 a.m.12 views

OX Dovecot Pro / CE Improper Handling / Denial of Service / Bypass

OX Dovecot Pro and Ox Dovecot CE suffer from bypass, denial of service, and insecure handling vulnerabilities. Versions affected vary based on the issue...

9.1CVSS5.8AI score0.00454EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.8 views

RHEL 8 : dovecot (RHSA-2026:18053)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18053 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
OSV
OSV
added 2026/05/15 11:22 p.m.7 views

CLSA-2026-1778882329 dovecot: Fix of CVE-2026-27857

CVE-2026-27857: improve fix by enforcing listcountlimit on '' openlist instead of '' closelist; the previous fix did not actually limit memory growth from many '' characters...

7.5CVSS5.8AI score0.00667EPSS
Exploits1References1
OSV
OSV
added 2026/05/15 10:15 a.m.7 views

RHSA-2026:17630 Red Hat Security Advisory: dovecot security update

Bulletin has no description...

7.5CVSS5.7AI score0.0079EPSS
Exploits2References16
OSV
OSV
added 2026/05/15 10:15 a.m.8 views

RHSA-2026:17628 Red Hat Security Advisory: dovecot security update

Bulletin has no description...

7.5CVSS5.7AI score0.0079EPSS
Exploits2References16
OSV
OSV
added 2026/05/15 10:15 a.m.8 views

RHSA-2026:17626 Red Hat Security Advisory: dovecot security update

Bulletin has no description...

7.5CVSS5.7AI score0.0079EPSS
Exploits2References16
OSV
OSV
added 2026/05/15 10:15 a.m.7 views

RHSA-2026:17625 Red Hat Security Advisory: dovecot security update

Bulletin has no description...

7.5CVSS5.7AI score0.0079EPSS
Exploits2References16
OSV
OSV
added 2026/05/15 10:15 a.m.7 views

RHSA-2026:17602 Red Hat Security Advisory: dovecot security update

Bulletin has no description...

7.5CVSS5.7AI score0.0079EPSS
Exploits2References16
RedHat Linux
RedHat Linux
added 2026/05/14 3:35 p.m.13 views

dovecot: denial of service via specially crafted NOOP command

A flaw was found in dovecot. An unauthenticated and remote attacker can send a specially crafted "NOOP" command containing numerous open and close parentheses without a command-ending line feed, causing the server to allocate an excessive amount of memory, resulting in a denial of service...

7.5CVSS5.8AI score0.00667EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/14 3:35 p.m.11 views

dovecot: denial of service via crafted message before authentication

A flaw was found in dovecot. An unauthenticated and remote attacker can send a crafted message that causes managesieve to allocate an excessive amount of memory, forcing managesieve-login to be unavailable by repeatedly crashing the process, resulting in a denial of service...

7.5CVSS5.8AI score0.0079EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/14 3:35 p.m.11 views

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2026/05/14 3:19 p.m.10 views

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References4
Rows per page
Query Builder