Lucene search
+L

4 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

SUSE SLES16: dovecot24 / dovecot24-backend-mysql / dovecot24-backend-pgsql / etc (SUSE-SU-2026:22185-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22185-1 advisory. This update for dovecot24 fixes the following issues - CVE-2026-27851: lib-var-expand: safe filter leaks to all following pipeline...

9.1CVSS5.8AI score0.00454EPSS
Exploits0References16
OSV
OSV
added 2026/06/19 5:8 p.m.3 views

OPENSUSE-SU-2026:21109-1 Security update for dovecot24

This update for dovecot24 fixes the following issues - CVE-2026-27851: lib-var-expand: safe filter leaks to all following pipelines bsc1265146. - CVE-2026-33603: login: base64 input can contain tabs that bypass IPC protection bsc1265147. - CVE-2026-40016: Sieve: contains/: matches ONxM substring...

9.1CVSS5.8AI score0.00454EPSS
Exploits0References10
Debian
Debian
added 2026/06/05 12:28 p.m.15 views

[SECURITY] [DLA 4617-1] dovecot security update

Debian LTS Advisory DLA-4617-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin June 05, 2026 https://wiki.debian.org/LTS Package : dovecot Version : 1:2.3.13+dfsg1-2+deb11u4 CVE ID : CVE-2026-33603 CVE-2026-40020 CVE-2026-42006 Debian Bug : 1136444 Multiple...

7.5CVSS5.6AI score0.00667EPSS
Exploits1
OSV
OSV
added 2026/05/12 1:28 p.m.2 views

CVE-2026-33603

Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection. If successful, the attacker can eavesdrop communications between Dovecot and...

6.8CVSS6AI score0.00222EPSS
Exploits0References3
Rows per page
Query Builder