Lucene search
K

143 matches found

OSV
OSV
added 2018/11/25 10:29 a.m.11 views

UBUNTU-CVE-2018-19518

University of Washington IMAP Toolkit 2007f on UNIX, as used in imapopen in PHP and other products, launches an rsh command by means of the imaprimap function in c-client/imap4r1.c and the tcpaopen function in osdep/unix/tcpunix.c without preventing argument injection, which might allow remote...

7.5CVSS7.4AI score0.9523EPSS
Exploits6References6
OSV
OSV
added 2018/11/15 3:29 p.m.5 views

CVE-2018-0684

Buffer overflow in Denbun by NEOJAPAN Inc. Denbun POP version V3.3P R3.0 and earlier, Denbun IMAP version V3.3I R3.0 and earlier allows remote attackers to execute arbitrary code or cause a denial-of-service DoS condition via multipart/form-data format data...

9.8CVSS6.1AI score0.03584EPSS
Exploits0References3
OSV
OSV
added 2018/07/26 1:27 p.m.5 views

USN-3724-1 evolution-data-server vulnerability

Jon Kristensen discovered that Evolution Data Server would automatically downgrade a connection to an IMAP server if the IMAP server did not support SSL. This would result in the user's password being unexpectedly sent in clear text, even though the user had requested to use SSL...

9.8CVSS7.3AI score0.02889EPSS
Exploits1References2
CNVD
CNVD
added 2018/07/18 12:0 a.m.9 views

Mutt and NeoMutt Buffer Overflow Vulnerability

NeoMutt is a patched version of Mutt, a text-based mail client for Unix-like systems developed by Michael Elkins Software Developers. A stack buffer overflow vulnerability exists in the imap/message.c file in versions of Mutt prior to 1.10.1 and NeoMutt prior to 2018-07-16, which can be exploited...

9.8CVSS8.6AI score0.0502EPSS
Exploits0References1
OSV
OSV
added 2017/10/23 12:49 p.m.3 views

USN-3457-1 curl vulnerability

Brian Carpenter discovered that curl incorrectly handled IMAP FETCH response lines. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.1CVSS7.4AI score0.06224EPSS
Exploits0References2
Fedora
Fedora
added 2017/08/20 6:35 p.m.28 views

[SECURITY] Fedora 26 Update: cyrus-imapd-3.0.3-1.fc26

The Cyrus IMAP Internet Message Access Protocol server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contac ts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. The Cyrus IMAP server is a scalable enterprise groupware system designed for use fro...

6.5CVSS0.5AI score0.01227EPSS
Exploits0
OSV
OSV
added 2017/04/12 11:59 p.m.3 views

UBUNTU-CVE-2017-7703

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly...

7.5CVSS7.1AI score0.03284EPSS
Exploits0References5
OSV
OSV
added 2017/04/12 11:59 p.m.2 views

DEBIAN-CVE-2017-7703

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly...

7.5CVSS7.5AI score0.03284EPSS
Exploits0References1
Prion
Prion
added 2016/06/30 4:59 p.m.24 views

Design/Logic Flaw

It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information...

7.5CVSS6.6AI score0.04698EPSS
Exploits0References25Affected Software2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

chacmool Private Message System 1.1.3 send.php Arbitrary Message Access

No description provided by source. source: http://www.securityfocus.com/bid/11671/info Private Message System is reported prone to multiple vulnerabilities that can allow remote attackers to carry out cross-site scripting attacks and disclose arbitrary private messages. Private Message System 1.1...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/04/16 12:0 a.m.19 views

Amtelco miSecureMessages未授权访问漏洞

Bugtraq ID:66795 CVE ID:CVE-2014-0357 Amtelco miSecureMessages是一个可用于多个移动设备上的对消息进行加密的应用。 Amtelco miSecureMessages对用户消息访问缺少正确的验证,攻击者可在XML请求中提供contactID和合法许可证键值,就可以访问任意用户消息。 0 Amtelco miSecureMessages 目前没有详细解决方案: https://misecuremessages.com/...

5CVSS6.6AI score0.01848EPSS
Exploits2
Prion
Prion
added 2009/08/24 10:30 a.m.18 views

Authentication flaw

NatterChat 1.1 allows remote attackers to bypass authentication and gain administrator privileges to read or delete rooms and messages via a direct request to admin/home.asp...

7.5CVSS7.6AI score0.03154EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.56 views

Fedora Update for uw-imap FEDORA-2008-9383

Check for the Version of uw-imap OpenVAS Vulnerability Test Fedora Update for uw-imap FEDORA-2008-9383 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

10CVSS6.3AI score0.06355EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.16 views

Fedora Update for uw-imap FEDORA-2008-9396

Check for the Version of uw-imap OpenVAS Vulnerability Test Fedora Update for uw-imap FEDORA-2008-9396 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

10CVSS6.3AI score0.06355EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2008/11/20 12:0 a.m.254 views

Mozilla Thunderbird < 2.0.0.18 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 2.0.0.18. Such versions are potentially affected by the following security issues : - The canvas element can be used in conjunction with an HTTP redirect to bypass same-origin restrictions and gain access to the content in arbitrary images from...

10CVSS8.9AI score0.05865EPSS
Exploits1References17
securityvulns
securityvulns
added 2005/05/20 12:0 a.m.33 views

JavaMail Information Disclosure &#40;msgno&#41;

"The JavaMail API provides a platform-independent and protocol-independent framework to build mail and messaging applications. The JavaMail API is implemented as a Java platform optional package and is also available as part of the Java 2 platform, Enterprise Edition. JavaMail provides a common,...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2004/11/12 12:0 a.m.18 views

chacmool Private Message System 1.1.3 - &#039;send.php&#039; Arbitrary Message Access

source: https://www.securityfocus.com/bid/11671/info Private Message System is reported prone to multiple vulnerabilities that can allow remote attackers to carry out cross-site scripting attacks and disclose arbitrary private messages. Private Message System 1.1.3 is reported vulnerable to these...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/07/17 12:0 a.m.17 views

ZH2003-10SA &#40;security advisory&#41;: Mail System Ver. 0.9 Beta

ZH2003-10SA security advisory: Mail System Ver. 0.9 Beta. Published: 16/07/2003 Released: 16/07/2003 Name: Mail System Ver. 0.9 Beta Affected Systems: All versions ? Issue: Remote attackers can view all messages and sql injection vulnerability Author: [email protected] Description Zone-h Securit...

0.4AI score
Exploits0
OSV
OSV
added 2003/06/16 4:0 a.m.5 views

DEBIAN-CVE-2003-0297

c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service crash and possibly execute arbitrary code via certain large 1 literal and 2 mailbox size values that cause either integer signedness errors or integer overflow errors...

7.5CVSS8.1AI score0.02741EPSS
Exploits0References1
OSV
OSV
added 2003/04/02 5:0 a.m.3 views

DEBIAN-CVE-2003-0167

Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service crash and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than...

7.5CVSS8AI score0.02543EPSS
Exploits0References1
Rows per page
Query Builder