9 matches found
CVE-2026-23610
GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the POP2Exchange configuration endpoint. An authenticated user can supply HTML/JavaScript in the POP3 server login field within the JSON "popServers" payload to...
CVE-2026-23610 GFI MailEssentials AI < 22.4 POP2Exchange POP3 Server Login Stored XSS
GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the POP2Exchange configuration endpoint. An authenticated user can supply HTML/JavaScript in the POP3 server login field within the JSON "popServers" payload to...
CVE-2026-23610 GFI MailEssentials AI < 22.4 POP2Exchange POP3 Server Login Stored XSS
GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the POP2Exchange configuration endpoint. An authenticated user can supply HTML/JavaScript in the POP3 server login field within the JSON "popServers" payload to...
Mandriva Linux Security Advisory : dovecot (MDVSA-2015:113)
Updated dovecot packages fix security vulnerability. Dovecot before 2.2.13 is vulnerable to a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly...
dovecot security update
Package : dovecot Version : 1:1.2.15-7+deb6u1 CVE ID : CVE-2014-3430 Debian Bug : 747549 It was discovered that the Dovecot email server is vulnerable to a denial of service attack against imap/pop3-login processes due to incorrect handling of the closure of inactive SSL/TLS connections...
Updated dovecot packages fix security vulnerability
Updated dovecot packages fix security vulnerability. Dovecot before 2.2.13 is vulnerable to a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly...
MGASA-2014-0223 Updated dovecot packages fix security vulnerability
Updated dovecot packages fix security vulnerability. Dovecot before 2.2.13 is vulnerable to a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly...
CVE-2006-0730
Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service application crash or hang via unspecified vectors involving 1 "potential hangs" in the APPEND command and "potential crashes" in 2 dovecot-auth and 3 imap/pop3-login. NOTE: vector 2...
Alt-N MDaemon 2.8.5 - UIDL Denial of Service
source: https://www.securityfocus.com/bid/1366/info A remote user is capable of crashing Alt-N MDaemon 2.8.5.0 by executing the pass command, then the UIDL command and quitting the mail server before the UIDL has returned a response. This must be done before the user is presented with the POP3...