EUVD-2010-3758

Malware in sbrugna...

CVE-2019-7524

In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components...

MGASA-2019-0072 Updated dovecot packages fix security vulnerability

CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted certificate with missing username field sslcertusernamefield, under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing...

Updated dovecot packages fix security vulnerability

Updated dovecot packages fix security vulnerability. Dovecot before 2.2.13 is vulnerable to a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly...

CVE-2008-1199

Dovecot before 1.0.11, when configured to use mailextragroups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack...