Lucene search
K

1438 matches found

RedHat Linux
RedHat Linux
added 2026/05/14 3:19 p.m.10 views

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References4
Debian
Debian
added 2026/05/14 2:38 p.m.10 views

[SECURITY] [DSA 6271-1] gsasl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6271-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 14, 2026 https://www.debian.org/security/faq -...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.16 views

RHEL 9 : dovecot (RHSA-2026:17630)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17630 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
CloudLinux
CloudLinux
added 2026/05/08 11:35 a.m.11 views

cyrus-sasl: Fix of CVE-2019-19906

CVE-2019-19906: fix off-by-one in sasladdstring lib/common.c that could cause denial of service or information disclosure via crafted input...

7.5CVSS7.1AI score0.08036EPSS
Exploits1
OSV
OSV
added 2026/05/07 5:31 p.m.11 views

CLSA-2026-1778175067 cyrus-sasl: Fix of CVE-2019-19906

CVE-2019-19906: fix off-by-one in sasladdstring lib/common.c that could cause denial of service or information disclosure via crafted input...

7.5CVSS7.1AI score0.08036EPSS
Exploits1References1
Rockylinux
Rockylinux
added 2026/05/07 6:0 a.m.13 views

dovecot security update

An update is available for dovecot. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Dovecot is an IMAP server for Linux and other UNIX-like systems, written...

7.5CVSS5.9AI score0.0079EPSS
Exploits2
NVD
NVD
added 2026/05/06 4:16 p.m.8 views

CVE-2026-6691

The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may be triggered by passing untrusted input in the username of a MongoDB URI with authMechanism=GSSAPI...

8.6CVSS0.00126EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/06 3:8 p.m.6 views

CVE-2026-6691

The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may be triggered by passing untrusted input in the username of a MongoDB URI with authMechanism=GSSAPI...

8.6CVSS5.9AI score0.00126EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/06 3:8 p.m.25 views

CVE-2026-6691

CVE-2026-6691 affects the MongoDB C Driver Cyrus SASL integration. The issue is unsafe string copying during username canonicalization, leading to a heap buffer overflow before any authentication or network traffic. The vulnerability can be triggered by untrusted input in the username of a MongoD...

8.6CVSS5.9AI score0.00126EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/06 3:8 p.m.10 views

CVE-2026-6691 MongoDB C Driver Cyrus SASL Canonicalization Buffer Overflow

The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may be triggered by passing untrusted input in the username of a MongoDB URI with authMechanism=GSSAPI...

8.6CVSS5.9AI score0.00126EPSS
Exploits0References1
MongoDB
MongoDB
added 2026/05/06 3:8 p.m.10 views

MongoDB C Driver Cyrus SASL Canonicalization Buffer Overflow

The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may be triggered by passing untrusted input in the username of a MongoDB URI with authMechanism=GSSAPI...

8.6CVSS5.9AI score0.00126EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.11 views

MongoDB C Driver 安全漏洞

The MongoDB C Driver is an open-source library developed by MongoDB, designed to connect to and manipulate MongoDB databases in C-language programs. There is a security vulnerability in the MongoDB C Driver, which stems from the insecure string copying performed during username normalization by t...

8.6CVSS6.1AI score0.00126EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2026/05/06 12:0 a.m.13 views

dovecot security update

1:2.3.16-15.1 - fix CVE-2026-27858: denial of service via crafted message before authentication RHEL-161639 - fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command RHEL-162287 - fix CVE-2026-27857: denial of service via specially crafted NOOP...

7.5CVSS5.8AI score0.0079EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.11 views

Oracle Linux 8 : dovecot (ELSA-2026-13830)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13830 advisory. - fix CVE-2026-27858: denial of service via crafted message before authentication RHEL-161630 - fix CVE-2025-59032: ManageSieve: Denial of Service via...

7.5CVSS5.8AI score0.0079EPSS
Exploits2References4
Oracle linux
Oracle linux
added 2026/05/05 12:0 a.m.11 views

dovecot security update

1:2.3.21-16.1 - fix CVE-2026-27858: denial of service via crafted message before authentication RHEL-161625 - fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command RHEL-162273 - fix CVE-2026-27857: denial of service via specially crafted NOOP...

7.5CVSS5.8AI score0.0079EPSS
Exploits2
OSV
OSV
added 2026/05/05 12:0 a.m.9 views

ALSA-2026:13857 Important: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
AlmaLinux
AlmaLinux
added 2026/05/05 12:0 a.m.11 views

Important: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/05/04 1:55 p.m.8 views

dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command

A flaw was found in ManageSieve. A remote attacker can exploit this vulnerability by sending a crafted SASL Simple Authentication and Security Layer initial response during the AUTHENTICATE command. This can cause the ManageSieve service to crash repeatedly, leading to a Denial of Service DoS for...

7.5CVSS5.8AI score0.00703EPSS
Exploits1References5
OSV
OSV
added 2026/05/04 12:0 a.m.9 views

ALSA-2026:13498 Important: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.15 views

RHEL 10 : dovecot (RHSA-2026:13498)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13498 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
Rows per page
Query Builder