Security update for cyrus-imapd (important)

openSUSE security update: security update for cyrus-imapd ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20962-1 Rating: important References: bsc1241536 bsc1241543 bsc1246165 bsc1251788 Cross-References: CVE-2025-23394 CVE-2025-49812 CVSS scores:...

Security update for cyrus-imapd (important)

openSUSE Security Update: Security update for cyrus-imapd Announcement ID: openSUSE-SU-2026:0204-1 Rating: important References: 1241536 1241543 1246165 1251788 Cross-References: CVE-2025-23394 CVE-2025-49812 CVSS scores: CVE-2025-49812 SUSE: 8.3...

CLSA-2026-1779119949 cyrus-imapd: Fix of CVE-2024-34055

fix CVE-2024-34055: denial of service via memory exhaustion using oversized IMAP literals and command arguments - disable cassandane test runner on x8664 and aarch64 due to multiple unrelated mock-environment issues imaptest binary SIGSEGV, slow file I/O, alarm scheduling races; cunit which...

CLSA-2026-1777279920 cyrus-imapd: Fix of CVE-2021-33582

Fix CVE-2021-33582 - Denial of service via string hashing algorithm collisions...

MiracleLinux 8 : cyrus-imapd-3.0.7-19.el8 (AXSA:2021-1276:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1276:01 advisory. cyrus-imapd: privilege escalation in HTTP request CVE-2019-18928 cyrus-imapd: lmtpd component created mailboxes with administrator privileges if the...

MiracleLinux 8 : cyrus-imapd-3.0.7-20.el8.1 (AXSA:2021-2426:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2426:03 advisory. cyrus-imapd: Denial of service via string hashing algorithm collisions CVE-2021-33582 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : cyrus-imapd-3.4.8-1.el9 (AXSA:2024-9200:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9200:03 advisory. cyrus-imapd: unbounded memory allocation by sending many LITERALs in a single command CVE-2024-34055 Tenable has extracted the preceding description block...

MiracleLinux 3 : cyrus-imapd-2.3.7-7AXS3.3 (AXSA:2009-400:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-400:02 advisory. The cyrus-imapd package contains the core of the Cyrus IMAP server. It is a scaleable enterprise mail system designed for use from small to large...

EUVD-2011-3336

Malware in sbrugna...

EUVD-2005-0547

Malware in sbrugna...

EUVD-2025-27710

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-23394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation from cyrus to root.This issue affects openSUSE...

CVE-2025-23394

A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation from cyrus to root.This issue affects openSUSE Tumbleweed cyrus-imapd before 3.8.4-2.1...

UBUNTU-CVE-2025-23394

A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation from cyrus to root.This issue affects openSUSE Tumbleweed cyrus-imapd before 3.8.4-2.1...

CVE-2025-23394

A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation from cyrus to root.This issue affects openSUSE Tumbleweed cyrus-imapd before 3.8.4-2.1...

CVE-2025-23394 daily-backup.sh script in cyrus-imapd allows escalation from cyrus to root

A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation from cyrus to root.This issue affects openSUSE Tumbleweed cyrus-imapd before 3.8.4-2.1...

CVE-2025-23394

Summary (CVE-2025-23394) : A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed’s Cyrus IMAPd allows escalation from user cyrus to root. Affected: openSUSE Tumbleweed, cyrus-imapd before 3.8.4-2.1. Root cause: symlink following flaw enabling privilege escalation. Impact: ...

CVE-2025-23394 daily-backup.sh script in cyrus-imapd allows escalation from cyrus to root

A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation from cyrus to root.This issue affects openSUSE Tumbleweed cyrus-imapd before 3.8.4-2.1...

openSUSE Tumbleweed cyrus-imapd 安全漏洞

openSUSE Tumbleweed cyrus-imapd is a highly scalable enterprise mail system open-sourced from openSUSE in Germany, using standards-based technology designed for enterprise environments of all sizes. A security vulnerability exists in openSUSE Tumbleweed cyrus-imapd versions prior to 3.8.4-2.1,...

Fedora: Security Advisory (FEDORA-2024-cfbdc342a2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...