Lucene search
K

95 matches found

Debian CVE
Debian CVE
added 2026/05/09 7:37 p.m.9 views

CVE-2026-42245

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are...

7.5CVSS5.7AI score0.0041EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/07 9:40 a.m.32 views

CVE-2026-43859

A flaw was found in mutt, an email client, where it mishandles cryptographic digests used for IMAP Internet Message Access Protocol authentication. This incorrect handling could lead to a low integrity impact, potentially allowing a remote attacker to subtly affect the authentication process...

3.7CVSS5.8AI score0.00162EPSS
Exploits0References4
OSV
OSV
added 2026/05/04 1:12 p.m.12 views

JLSEC-2026-428 When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross...

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...

5.3CVSS5.8AI score0.00611EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.4 views

PT-2026-36775

Name of the Vulnerable Software and Affected Versions mutt versions prior to 2.3.2 Description The imap auth gss security level is mishandled. Recommendations Update to version 2.3.2...

3.7CVSS5.8AI score0.00201EPSS
Exploits0References29
RedHat Linux
RedHat Linux
added 2026/04/20 1:28 a.m.6 views

thunderbird: Out of bounds read in IMAP parsing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...

8.2CVSS7.2AI score0.0036EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/03 6:31 a.m.10 views

Roundcube Webmail: Unsanitized IMAP SEARCH command arguments

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Unsanitized IMAP SEARCH command arguments could lead to IMAP injection or CSRF bypass during mail search...

3.1CVSS5.9AI score0.00283EPSS
Exploits0References9Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/03 3:35 a.m.1 views

CVE-2026-35538

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Unsanitized IMAP SEARCH command arguments could lead to IMAP injection or CSRF bypass during mail search...

3.1CVSS5.9AI score0.00283EPSS
Exploits0References7
OSV
OSV
added 2026/03/27 12:30 p.m.7 views

CLSA-2026-1774614606 python3: Fix of CVE-2025-15366

CVE-2025-15366: reject control characters in IMAP commands...

5.9CVSS7.1AI score0.00315EPSS
Exploits0References1
OSV
OSV
added 2026/03/27 12:16 p.m.9 views

CLSA-2026-1774613805 python3: Fix of CVE-2025-15366

CVE-2025-15366: reject control characters in IMAP commands...

5.9CVSS5.8AI score0.00315EPSS
Exploits0References1
Hacker One
Hacker One
added 2026/03/25 7:27 p.m.47 views

curl: Security Vulnerability Report: Protocol Injection via Programmatic Options

Summary Multiple text-based protocol handlers in libcurl including FTP, SMTP, POP3, and IMAP are vulnerable to protocol command injection. This occurs when an application sets credentials or other protocol-specific options programmatically e.g., via CURLOPTUSERNAME, CURLOPTPASSWORD, or...

6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/03/23 1:32 a.m.6 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS7AI score0.00315EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/19 5:57 p.m.7 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS5.7AI score0.00315EPSS
Exploits0References7
Ubuntu
Ubuntu
added 2026/03/19 5:20 a.m.12 views

USN-8018-3: Python 2.7 vulnerabilities

USN-8018-1 fixed CVE-2025-12084, CVE-2025-15282, CVE-2026-0672, CVE-2026-0865 for python3. This update provides the corresponding updates for python2.7. Original advisory details: Denis Ledoux discovered that Python incorrectly parsed email message headers. An attacker could possibly use this iss...

6.3CVSS7.2AI score0.00708EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/03/17 10:46 a.m.4 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS5.7AI score0.00315EPSS
Exploits0References7
OSV
OSV
added 2026/03/12 12:0 a.m.4 views

ALSA-2026:4473 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6CVSS7.2AI score0.0056EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/03/10 9:36 a.m.3 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS5.7AI score0.00315EPSS
Exploits0References7
AlmaLinux
AlmaLinux
added 2026/03/10 12:0 a.m.7 views

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6CVSS5.8AI score0.0056EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 4 : cyrus-imapd-2.3.16-6.AXS4.3 (AXSA:2011-675:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-675:01 advisory. The cyrus-imapd package contains the core of the Cyrus IMAP server. It is a scaleable enterprise mail system designed for use from small to large...

7.5CVSS9.2AI score0.16334EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2002-1378

Malware in sbrugna...

2.1CVSS6.1AI score0.00371EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-12559

Malicious code in bioql PyPI...

7.5CVSS6.7AI score0.00409EPSS
Exploits0References7
Rows per page
Query Builder