CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The remote NewStart CGSL host, running version MAIN 6.06, has postfix packages installed that are affected by multiple vulnerabilities: - The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are...

6.8CVSS9.2AI score0.45154EPSS

Exploits13References9

Tenable Nessus•added 2025/08/27 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2019-16791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS polic...

6.9CVSS6.6AI score0.003EPSS

Exploits0References2

Tenable Nessus•added 2025/07/25 12:0 a.m.•3 views

NewStart CGSL MAIN 7.02 : postfix Vulnerability (NS-SA-2025-0159)

The remote NewStart CGSL host, running version MAIN 7.02, has postfix packages installed that are affected by a vulnerability: - Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and smtpddiscardehlokeywords=chunking or certain other...

5.3CVSS5.8AI score0.2846EPSS

Exploits4References3

OSV•added 2025/07/23 12:39 p.m.•0 views

SUSE-SU-2025:02478-1 Security update 5.0.5 for Multi-Linux Manager Server

This update fixes the following issues: server-attestation-image: - Version 5.0.11: Fixed the health check of the container bsc1240604 server-hub-xmlrpc-api-image: - Version 5.0.13: Image rebuilt to the newest version with updated dependencies server-image: - Version 5.0.16: Fixed...

5.8AI score

Exploits0References5

RedhatCVE•added 2025/05/23 5:11 a.m.•1 views

CVE-2023-32182

A Improper Link Resolution Before File Access 'Link Following' vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before...

7.8CVSS6.7AI score0.00022EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 8:15 p.m.•10 views

CVE-2004-0925

Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate...

5CVSS7.1AI score0.00485EPSS

Exploits0References1

Tenable Nessus•added 2025/03/19 12:0 a.m.•3 views

RockyLinux 9 : postfix (RLSA-2024:9243)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:9243 advisory. postfix: SMTP smuggling vulnerability CVE-2023-51764 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note th...

5.3CVSS5.7AI score0.2846EPSS

Exploits4References3

OSV•added 2025/03/17 8:16 p.m.•6 views

RLSA-2024:9243 Moderate: postfix security update

The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: SMTP smuggling vulnerability CVE-2023-51764 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

5.3CVSS6.3AI score0.2846EPSS

Exploits4References2

Rockylinux•added 2025/03/17 8:16 p.m.•6 views

postfix security update

An update is available for postfix. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The postfix packages provide a Mail Transport Agent MTA, which supports...

5.3CVSS6.5AI score0.2846EPSS

Exploits4

Tenable Nessus•added 2025/03/05 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2023-51764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and smtpddiscardehlokeywords=chunking or certain...

5.3CVSS5.6AI score0.2846EPSS

Exploits4References2

Tenable Nessus•added 2025/03/04 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2017-10140

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented...

7.8CVSS7.4AI score0.00296EPSS

Exploits1References2

Rosalinux•added 2025/01/27 11:51 a.m.•27 views

Advisory ROSA-SA-2025-2591

software: postfix 3.5.25 OS: ROSA-CHROME packageevrstring: postfix-3.5.25-1 CVE-ID: CVE-2023-51764 BDU-ID: 2024-00106 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the smtpd daemon of the Postfix mail server is related to insufficient data authentication when processing string endings other tha...

5.3CVSS7.2AI score0.2846EPSS

Exploits4