RHEL 9 : dovecot (RHSA-2026:17625)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17625 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

RLSA-2026:13830 Important: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

RLSA-2026:13498 Important: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

RockyLinux 10 : dovecot (RLSA-2026:13498)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13498 advisory. dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command CVE-2025-59032 dovecot: denial of service via crafted...

AlmaLinux 10 : dovecot (ALSA-2026:13498)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13498 advisory. dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command CVE-2025-59032 dovecot: denial of service via crafted...

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command

A flaw was found in ManageSieve. A remote attacker can exploit this vulnerability by sending a crafted SASL Simple Authentication and Security Layer initial response during the AUTHENTICATE command. This can cause the ManageSieve service to crash repeatedly, leading to a Denial of Service DoS for...

ALSA-2026:13830 Important: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

RHEL 8 : dovecot (RHSA-2026:13830)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13830 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

Astra Linux - уязвимость в memcached

A buffer overflow vulnerability in the authfile.c memcached 1.6.9 allows attackers to cause a denial of service through a crafted authentication file...

EUVD-2023-60532

Tinycontrol LAN Controller 1.58a contains an authentication bypass vulnerability that allows unauthenticated attackers to change admin passwords through a crafted API request. Attackers can exploit the /stm.cgi endpoint with a specially crafted authentication parameter to disable access controls...

CVE-2025-59718

A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14,...

CVE-2025-59718

A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14,...

GL.iNet AX1800 Security Vulnerability

The GL.iNet AX1800 is a wireless router from China's Guanglian Zhitong GL.iNet. A security vulnerability exists in the GL.iNet AX1800 that stems from a vulnerability that allows an attacker to execute arbitrary code with the specially crafted GLnassys authentication function...

SUSE CVE-2021-37519

Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file...

CVE-2021-37519

Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file...

CVE-2021-37519

Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file...

CVE-2021-37519

Summary (CVE-2021-37519) : The vulnerability is a buffer overflow in memcached’s authfile.c (affecting memcached 1.6.9) that allows denial of service via a crafted authentication file. Connected documents corroborate this CVE, listing CVE-2021-37519 across multiple sources (e.g., Astra Linux advi...

CVE-2020-23533

CVE-2020-23533 affects Union Pay web versions up to 1.2.0 and is linked to a CWE-347 vulnerability: improper verification of a cryptographic signature. An attacker can craft an authentication code (MAC) generated from a NULL/empty key to make free purchases on merchant websites and mobile apps. C...

CVE-2020-1509

An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service LSASS when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of privilege on the targ...