Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2026/05/08 6:10 a.m.2 views

CLSA-2026-1778220630 dovecot: Fix of 3 CVEs

CVE-2026-27855: fix OTP authentication replay attack via auth cache - CVE-2026-27856: fix doveadm credential timing oracle - CVE-2026-27857: fix excessive memory usage from deeply nested IMAP command lists pre-auth ID command...

7.5CVSS5.8AI score0.00042EPSS
Exploits3References1
Amazon
Amazonadded 2026/04/30 12:0 a.m.5 views

Important: dovecot

Issue Overview: Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the configured credentials. Figuring out the credential will lead into full access to the affected component. Limit access to the doveadm ht...

7.5CVSS5.6AI score0.00034EPSS
Exploits2
OSV
OSVadded 2019/04/12 12:29 a.m.1 views

DEBIAN-CVE-2019-11191

The Linux kernel through 5.0.7, when CONFIGIA32AOUT is enabled and ia32aout is loaded, allows local users to bypass ASLR on setuid a.out programs if any exist because installexeccreds is called too late in loadaoutbinary in fs/binfmtaout.c, and thus the ptracemayaccess check has a race condition...

2.5CVSS7.7AI score0.00009EPSS
Exploits1References1
Rows per page
Query Builder