Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.10 views

Debian dla-4556 : dovecot-auth-lua - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4556 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4556-1 [email protected]...

7.5CVSS5.5AI score0.0079EPSS
Exploits6References18
SUSE CVE
SUSE CVE
added 2026/03/28 6:29 p.m.10 views

SUSE CVE-2026-0394

When dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial. This allows inadvertently reading /etc/passwd or some other pa...

5.3CVSS5.7AI score0.00427EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/27 8:10 a.m.30 views

CVE-2026-0394

When dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial. This allows inadvertently reading /etc/passwd or some other pa...

5.3CVSS0.00427EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 8:10 a.m.7 views

CVE-2026-0394

When dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial. This allows inadvertently reading /etc/passwd or some other pa...

5.3CVSS5.7AI score0.00427EPSS
Exploits1References2
CVE
CVE
added 2026/03/27 8:10 a.m.42 views

CVE-2026-0394

Dovecot is affected when per-domain passwd files are configured and placed one path component above /etc, or when a slash is added to allowed characters, allowing path traversal via a domain component that is a directory partial. This can enable reading /etc/passwd (or other paths ending with pas...

5.3CVSS5.7AI score0.00427EPSS
Exploits1References1Affected Software2
AlpineLinux
AlpineLinux
added 2026/03/27 8:10 a.m.10 views

CVE-2026-0394

When dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial. This allows inadvertently reading /etc/passwd or some other pa...

5.3CVSS5.3AI score0.00427EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.9 views

Open-Xchange OX Dovecot Pro 安全漏洞

Open-Xchange OX Dovecot Pro is an email storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability, which stems from the use of passwd files for each domain. This configuration allows for path traversal attacks, potentially...

5.3CVSS5.8AI score0.00427EPSS
Exploits1References1
OSV
OSV
added 2026/03/27 12:0 a.m.3 views

UBUNTU-CVE-2026-0394

When dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial. This allows inadvertently reading /etc/passwd or some other pa...

5.3CVSS5.7AI score0.00427EPSS
Exploits1References4
Rows per page
Query Builder