CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

Tenable Nessus•added 2026/05/02 12:0 a.m.•5 views

SUSE SLES12 Security Update : dovecot22 (SUSE-SU-2026:1641-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1641-1 advisory. - CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing bsc1260895. - CVE-2025-59032:...

7.5CVSS5.8AI score0.00456EPSS

Exploits5References22

SUSE Linux•added 2026/04/28 11:53 a.m.•3 views

Security update for dovecot22

This update for dovecot22 fixes the following issues: CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing bsc1260895. CVE-2025-59032: pigeonhole: ManageSieve panic occurs with sieve-connect as a client bsc1260902. CVE-2026-27855: OTP drive...

9.1CVSS5.3AI score0.00456EPSS

Exploits5References28

Packet Storm•added 2026/04/22 12:0 a.m.•60 views

📄 Dovecot MIME Parameter CPU Exhaustion

This Metasploit module targets a denial of service vulnerability in the Dovecot LMTP service caused by excessive CPU consumption. ================================================================================================================================== | Title : Dovecot MIME Parameter CPU...

5.3CVSS5.7AI score0.00374EPSS

Exploits1

OSV•added 2026/04/16 1:15 p.m.•5 views

SUSE-SU-2026:21208-1 Security update for dovecot24

This update for dovecot24 fixes the following issues: - Update to v2.4.3 - CVE-2025-59028: Invalid base64 authentication can cause DoS for other logins bsc1260894. - CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing bsc1260895. -...

8.2CVSS5.8AI score0.00456EPSS

Exploits6References21

OSV•added 2026/04/16 1:10 p.m.•6 views

OPENSUSE-SU-2026:20554-1 Security update for dovecot24

8.2CVSS5.8AI score0.00456EPSS

Exploits6References20

SUSE CVE•added 2026/03/28 12:28 a.m.•3 views

SUSE CVE-2026-27859

A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed...

5.3CVSS5.9AI score0.00374EPSS

Exploits1References5

Tenable Nessus•added 2026/03/28 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-27859

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery...

5.3CVSS5.8AI score0.00374EPSS

Exploits1References3

EUVD•added 2026/03/27 9:31 a.m.•1 views

EUVD-2026-16571

5.3CVSS5.9AI score0.00374EPSS

Exploits1References2

NVD•added 2026/03/27 9:16 a.m.•3 views

CVE-2026-27859

5.3CVSS0.00374EPSS

Exploits1References1

OSV•added 2026/03/27 9:16 a.m.•4 views

ALPINE-CVE-2026-27859

5.3CVSS5.9AI score0.00374EPSS

Exploits1References1

Cvelist•added 2026/03/27 8:10 a.m.•24 views

CVE-2026-27859

5.3CVSS0.00374EPSS

Exploits1References1

ATTACKERKB•added 2026/03/27 8:10 a.m.•6 views

CVE-2026-27859

5.3CVSS5.9AI score0.00374EPSS

Exploits1References2

Vulnrichment•added 2026/03/27 8:10 a.m.•1 views

CVE-2026-27859

5.3CVSS5.9AI score0.00374EPSS

Exploits1References1

CVE•added 2026/03/27 8:10 a.m.•10 views

CVE-2026-27859

The CVE-2026-27859 issue concerns LMTP processing of mail messages with excessive RFC 2231 MIME parameters, which can cause unusually high CPU usage in the mail delivery process. Affected systems are those that rely on LMTP for mail transfer; the underlying cause is the handling/parsing of RFC 22...

5.3CVSS5.9AI score0.00374EPSS

Exploits1References1Affected Software2

AlpineLinux•added 2026/03/27 8:10 a.m.•3 views

CVE-2026-27859

5.3CVSS5.9AI score0.00374EPSS

Exploits1References1

UbuntuCve•added 2026/03/27 12:0 a.m.•3 views

CVE-2026-27859

5.3CVSS5.9AI score0.00374EPSS

Exploits1References2

CNNVD•added 2026/03/27 12:0 a.m.•4 views

Open-Xchange OX Dovecot Pro 安全漏洞

Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. OX Dovecot Pro has a security vulnerability; this vulnerability arises from email messages that contain excessive RFC 2231 MIME parameters, which may lead to excessive CPU usage and...

5.3CVSS5.8AI score0.00374EPSS

Exploits1References1

OSV•added 2026/03/27 12:0 a.m.•3 views

UBUNTU-CVE-2026-27859

5.3CVSS5.8AI score0.00374EPSS

Exploits1References3

NVD•added 2026/03/18 10:16 p.m.•3 views

CVE-2026-32728

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.15 and 8.6.41, an attacker who is allowed to upload files can bypass the file extension filter by appending a MIME parameter e.g. ;charset=utf-8 to the Content-Type header...

8.3CVSS0.00272EPSS

Exploits0References5

CVE•added 2026/03/18 9:31 p.m.•11 views

CVE-2026-32728

Parse Server is affected by a stored XSS bypass vulnerability where an attacker with file upload rights can bypass extension filtering by adding MIME parameters (for example; charset=utf-8) to the Content-Type header. This can cause the extension validation to skip blocklist checks, allowing acti...

8.3CVSS5.4AI score0.00272EPSS

Exploits0References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by