Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.8 views

Amazon Linux 2023 : dovecot, dovecot-devel, dovecot-mysql (ALAS2023-2026-1570)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1570 advisory. Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the configured credentials. Figuring out the...

7.5CVSS5.8AI score0.0079EPSS
Exploits2References8
OSV
OSV
added 2026/04/11 2:3 p.m.6 views

OESA-2026-1849 dovecot security update

Dovecot is an IMAP server for Linux/UNIX-like systemsa wrapper package that will just handle common things for all versioned dovecot packages. Security Fixes: Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can u...

7.5CVSS5.8AI score0.0079EPSS
Exploits6References9
SUSE CVE
SUSE CVE
added 2026/03/28 12:28 a.m.10 views

SUSE CVE-2026-27858

Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No public...

7.5CVSS5.9AI score0.0079EPSS
Exploits0References10
EUVD
EUVD
added 2026/03/27 9:31 a.m.4 views

EUVD-2026-16569

Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No public...

7.5CVSS5.9AI score0.0079EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/27 8:10 a.m.2 views

CVE-2026-27858

Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No public...

7.5CVSS5.9AI score0.0079EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 8:10 a.m.10 views

CVE-2026-27858

Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No public...

7.5CVSS5.9AI score0.0079EPSS
Exploits0References2
OSV
OSV
added 2026/03/27 8:10 a.m.1 views

CVE-2026-27858

Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No public...

7.5CVSS5.9AI score0.0079EPSS
Exploits0References20
AlpineLinux
AlpineLinux
added 2026/03/27 8:10 a.m.6 views

CVE-2025-59032

ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, making it unavailable for other users. Control access to ManageSieve port, or disable the service if it's not needed. Alternatively upgrade to a fixed...

7.5CVSS5.2AI score0.00703EPSS
Exploits1References18
OSV
OSV
added 2026/03/27 12:0 a.m.8 views

UBUNTU-CVE-2025-59032

ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, making it unavailable for other users. Control access to ManageSieve port, or disable the service if it's not needed. Alternatively upgrade to a fixed...

7.5CVSS5.8AI score0.00703EPSS
Exploits1References3
Rows per page
Query Builder