Lucene search
K

373 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.4 views

SUSE CVE-2018-14358

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field...

6.3CVSS7.5AI score0.03915EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.3 views

SUSE CVE-2018-14360

An issue was discovered in NeoMutt before 2018-07-16. nntpaddgroup in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage...

9.8CVSS7.5AI score0.02651EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.3 views

SUSE CVE-2018-14363

An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames...

7.5CVSS7AI score0.0218EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.3 views

SUSE CVE-2018-14362

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character...

8.1CVSS7AI score0.03667EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.2 views

SUSE CVE-2018-14361

An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data...

9.8CVSS7AI score0.02504EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.3 views

SUSE CVE-2020-28896

Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $sslforcetls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. This could result in authentication credentials...

6.5CVSS7.3AI score0.02323EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 3:41 a.m.2 views

SUSE CVE-2021-32055

Mutt 1.11.0 through 2.0.x before 2.0.7 and NeoMutt 2019-10-25 through 2021-05-04 has a $imapqresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imapqresync setting for QRESYNC is not enabled by default...

5.3CVSS7AI score0.02551EPSS
Exploits0References4
OSV
OSV
added 2022/06/21 12:1 p.m.7 views

OPENSUSE-SU-2022:10020-1 Security update for neomutt

This update for neomutt fixes the following issues: neomutt was updated to 20220429: Bug Fixes Do not crash on an invalid usethreads/sort combination Fix: stuck browser cursor Resolve move the cursor after Index: fix menu size on new mail Don't overlimit LMDB mmap size OpenBSD y/n translation fix...

9.1CVSS8AI score0.02551EPSS
Exploits2References5
OPENSUSE Linux
OPENSUSE Linux
added 2022/06/21 12:0 a.m.44 views

Security update for neomutt (moderate)

openSUSE Security Update: Security update for neomutt Announcement ID: openSUSE-SU-2022:10020-1 Rating: moderate References: 1184787 1185705 Cross-References: CVE-2021-32055 CVE-2022-1328 CVSS scores: CVE-2021-32055 NVD : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVE-2021-32055 SUSE: 5.3...

5.5CVSS6.7AI score0.02551EPSS
Exploits2References2
Microsoft CVE
Microsoft CVE
added 2022/01/19 8:0 a.m.3 views

Mutt 1.11.0 through 2.0.x before 2.0.7 (and NeoMutt 2019-10-25 through 2021-05-04) has a $imap_qresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imap_qresync setting for QRESYNC is not enabled by default.

...

9.1CVSS8.2AI score0.02551EPSS
Exploits0
Huntr
Huntr
added 2022/01/01 6:36 p.m.9 views

Heap-based Buffer Overflow in neomutt/neomutt

Description When connected through imap/imaps with a server, neomutt is prone to a heap buffer overflow when using the auto completion feature. Proof of Concept Prepare client configuration which connects to 127.0.0.1:14300 cat muttrc imap.txt.b64 EOF...

0.2AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.6 views

The vulnerability in the imap/util.c component of the Mutt and NeoMutt email clients arises from reading data beyond the allowed buffer size. This allows an attacker to access confidential data and also cause service interruptions.

The vulnerability in the imap/util.c component of the Mutt and NeoMutt email clients is related to incorrect handling of the IMAP sequence set, which ends with a semicolon. Exploiting this vulnerability can allow an attacker to gain access to confidential data, as well as cause service failures...

9.1CVSS7.7AI score0.02551EPSS
Exploits0References6Affected Software3
ALT Linux
ALT Linux
added 2021/07/06 12:0 a.m.34 views

Security fix for the ALT Linux 9 package neomutt version 20210205-alt2

20210205-alt2 built July 6, 2021 Vitaly Chikunov in task 277285 July 4, 2021 Vitaly Chikunov - Fix CVE-2021-32055...

5.8CVSS9.2AI score0.02551EPSS
Exploits0
Rosalinux
Rosalinux
added 2021/07/02 5:31 p.m.32 views

Advisory ROSA-SA-2021-1925

Software: mutt 1.5.21 OS: Cobalt 7.9 CVE-ID: CVE-2018-14349 CVE-Crit: CRITICAL CVE-DESC: issue was found in Mutt before 1.10.1 and NeoMutt before 16.07.2018. imap / command.c incorrectly handles NO response without a message. CVE-STATUS: default CVE-REV: default CVE-ID: CVE-2018-14350 CVE-Crit:...

9.8CVSS8.1AI score0.0502EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.22 views

SUSE SLES11 Security Update : mutt (SUSE-SU-2020:14414-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14414-1 advisory. - Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. CVE-2020-14093 - Mutt before 1.14.3 proceeds...

5.9CVSS6.3AI score0.02288EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2021/05/27 12:0 a.m.29 views

GLSA-202105-05 : Mutt, NeoMutt: Denial of service

The remote host is affected by the vulnerability described in GLSA-202105-05 Mutt, NeoMutt: Denial of service It was discovered that Mutt, and NeoMutt did not properly handle certain situations where an IMAP sequence set ends with a comma. Impact : A remote attacker could entice a user to connect...

9.1CVSS8.1AI score0.02551EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2021/05/26 12:0 a.m.54 views

Mutt, NeoMutt: Denial of service

Background Mutt is a small but very powerful text-based mail client. NeoMutt is a command line mail reader or MUA. It’s a fork of Mutt with added features. Description It was discovered that Mutt, and NeoMutt did not properly handle certain situations where an IMAP sequence set ends with a comma...

9.1CVSS9.4AI score0.02551EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2021/05/05 7:15 p.m.30 views

CVE-2021-32055

Mutt 1.11.0 through 2.0.x before 2.0.7 and NeoMutt 2019-10-25 through 2021-05-04 has a $imapqresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imapqresync setting for QRESYNC is not enabled by default...

9.1CVSS2.1AI score0.02551EPSS
Exploits0References3
NVD
NVD
added 2021/05/05 4:15 p.m.17 views

CVE-2021-32055

Mutt 1.11.0 through 2.0.x before 2.0.7 and NeoMutt 2019-10-25 through 2021-05-04 has a $imapqresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imapqresync setting for QRESYNC is not enabled by default...

9.1CVSS0.02551EPSS
Exploits0References4
OSV
OSV
added 2021/05/05 4:15 p.m.2 views

DEBIAN-CVE-2021-32055

Mutt 1.11.0 through 2.0.x before 2.0.7 and NeoMutt 2019-10-25 through 2021-05-04 has a $imapqresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imapqresync setting for QRESYNC is not enabled by default...

9.1CVSS8.3AI score0.02551EPSS
Exploits0References1
Rows per page
Query Builder