Lucene search
+L

31 matches found

RedhatCVE
RedhatCVE
added 2 days ago10 views

CVE-2026-47089

A flaw was found in Cyrus IMAP cyrus-imapd. An authenticated user can exploit this vulnerability by using the IMAP LISTRIGHTS command. This allows the user to learn the access permissions of any mailbox they can name, which should be restricted to administrators. This leads to unauthorized...

4.3CVSS6AI score0.00168EPSS
Exploits0References5
NVD
NVD
added 3 days ago7 views

CVE-2026-47082

An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. The vacation "fcc" feature skips the destination-mailbox ACL. A user whose vacation Sieve script used :fcc to save a copy of the sent message could deliver vacation auto-reply copies into any mailbox the script could name,...

5.4CVSS0.00176EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 3 days ago10 views

PT-2026-60554

Name of the Vulnerable Software and Affected Versions Cyrus IMAP versions prior to 3.12.3 Description An issue exists where tokens issued via the GENURLAUTH command can bypass Access Control Lists ACLs. An authenticated user can generate a URLAUTH token for any specified mailbox, regardless of...

3.5CVSS5.3AI score0.00169EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.11 views

PT-2026-30031

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report...

7.3CVSS5.9AI score0.00527EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 11:12 a.m.10 views

CVE-2016-10767

cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface SEC-159...

5.4CVSS5.9AI score0.00531EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2006-1178

Malware in sbrugna...

3.7CVSS6AI score0.00444EPSS
Exploits0References31
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2010-3690

Malware in sbrugna...

5.5CVSS6AI score0.02667EPSS
Exploits0References17
CNNVD
CNNVD
added 2025/05/29 12:0 a.m.4 views

FreeScout 安全漏洞

FreeScout is an ultra-lightweight and powerful free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout, Inc. A security vulnerability exists in FreeScout versions prior to 1.8.179 that stems from not validating a user's notification setting permissions for a...

8.1CVSS6.5AI score0.00351EPSS
Exploits1References2
Slackware Linux
Slackware Linux
added 2022/02/15 8:4 p.m.15 views

[slackware-security] aaa_base

New aaabase packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/aaabase-15.0-i586-4slack15.0.txz: Rebuilt. If root's mailbox did not already exist, it would be created with insecure permissions...

6.4AI score
Exploits0
NVD
NVD
added 2019/08/05 1:15 p.m.23 views

CVE-2016-10767

cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface SEC-159...

5.4CVSS5.2AI score0.00531EPSS
Exploits0References2
OSV
OSV
added 2019/08/05 1:15 p.m.5 views

CVE-2016-10767

cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface SEC-159...

5.4CVSS5.8AI score0.00531EPSS
Exploits0References2
Prion
Prion
added 2019/08/05 1:15 p.m.16 views

Cross site scripting

cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface SEC-159...

3.5CVSS6AI score0.00531EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/08/05 12:51 p.m.24 views

CVE-2016-10767

cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface SEC-159...

5.3AI score0.00531EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.24 views

Oracle Linux 3 : shadow-utils (ELSA-2007-0431)

From Red Hat Security Advisory 2007:0431 : An updated shadow-utils package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The shadow-utils package includes the necessary programs for...

3.7CVSS5.4AI score0.00444EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/06/29 12:0 a.m.30 views

CentOS 4 : shadow-utils (CESA-2007:0276)

Updated shadow-utils packages that fix a security issue and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The shadow-utils package includes the necessary programs for converting UNIX password files to the shadow...

3.7CVSS5.4AI score0.00444EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.35 views

Scientific Linux Security Update : postfix on SL4.x, SL5.x i386/x86_64

It was discovered that Postfix did not flush the received SMTP commands buffer after switching to TLS encryption for an SMTP session. A man-in-the-middle attacker could use this flaw to inject SMTP commands into a victim's session during the plain text phase. This would lead to those commands bei...

6.8CVSS8.4AI score0.16334EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2011/04/11 12:0 a.m.24 views

CentOS Update for postfix CESA-2011:0422 centos4 i386

Check for the Version of postfix OpenVAS Vulnerability Test CentOS Update for postfix CESA-2011:0422 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

6.8CVSS8.7AI score0.16334EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2011/04/06 10:56 p.m.7 views

postfix improper mailbox permissions

Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name...

1.9CVSS5.8AI score0.0036EPSS
Exploits0References4
OSV
OSV
added 2010/10/06 9:0 p.m.3 views

DEBIAN-CVE-2010-3779

Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared...

3.5CVSS6.4AI score0.01096EPSS
Exploits0References1
OSV
OSV
added 2010/10/06 5:0 p.m.6 views

CVE-2010-3707

plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving...

6AI score
Exploits0References13
Rows per page
Query Builder