373 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-14356
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero- length UID. CVE-2018-14356 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2020-14954
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a begin TLS response, th...
Linux Distros Unpatched Vulnerability : CVE-2018-14349
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message. CVE-2018-14349 Note that...
Linux Distros Unpatched Vulnerability : CVE-2018-14353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imapquotestring in imap/util.c has an integer underflow. CVE-2018-14353 Note that...
Linux Distros Unpatched Vulnerability : CVE-2018-14354
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote...
Mageia: Security Advisory (MGASA-2025-0070)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated neomutt packages fix security vulnerabilities
The To and Cc email header fields are not protected by cryptographic signing. CVE-2024-49393 The In-reply-to email header field is not protected by cryptographic signing. CVE-2024-49394...
MGASA-2025-0070 Updated neomutt packages fix security vulnerabilities
The To and Cc email header fields are not protected by cryptographic signing. CVE-2024-49393 The In-reply-to email header field is not protected by cryptographic signing. CVE-2024-49394...
Ubuntu: Security Advisory (USN-7204-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7204-1: NeoMutt vulnerabilities
Jeriko One discovered that NeoMutt incorrectly handled certain IMAP and POP3 responses. An attacker could possibly use this issue to cause NeoMutt to crash, resulting in a denial of service, or the execution of arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2018-14349,...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : NeoMutt vulnerabilities (USN-7204-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7204-1 advisory. Jeriko One discovered that NeoMutt incorrectly handled certain IMAP and POP3 responses. An attacker could possibly us...
The vulnerability of the --hidden-recipient mode in Mutt and NeoMutt email clients, which allows a hacker to disclose protected information.
The vulnerability of the “--hidden-recipient” mode in Mutt and NeoMutt clients is related to incorrect processing of header fields during PGP encryption. Exploiting this vulnerability can allow a remote attacker to disclose the protected information...
The vulnerability of Mutt and NeoMutt email clients, related to errors in verifying the cryptographic signature, allows a hacker to alter the list of trusted recipients and expose the encrypted information.
The vulnerability of Mutt and NeoMutt email clients stems from errors in verifying the cryptographic signature when processing header fields. Exploiting this vulnerability could allow a malicious actor to alter the list of trusted recipients and expose the sensitive information being protected...
neomutt-20241114-1.1 on GA media (moderate)
neomutt-20241114-1.1 on GA media Announcement ID: openSUSE-SU-2024:14527-1 Rating: moderate Cross-References: CVE-2024-49393 CVE-2024-49394 CVSS scores: CVE-2024-49393 SUSE : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2024-49393 SUSE : 6.3...
OPENSUSE-SU-2024:14527-1 neomutt-20241114-1.1 on GA media
These are all security issues fixed in the neomutt-20241114-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2024-49393
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality...
SUSE CVE-2024-49394
In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender...
SUSE CVE-2024-49395
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info...
CVE-2024-49395
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info...
CVE-2024-49395
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info...