Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

30 matches found

Tenable Nessus
Tenable Nessusadded yesterday2 views

Debian dsa-6313 : dovecot-auth-lua - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6313 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6313-1 [email protected]...

9.1CVSS6AI score0.00016EPSS
Exploits0References13
Tenable Nessus
Tenable Nessusadded 2026/05/20 12:0 a.m.4 views

RHEL 8 : dovecot (RHSA-2026:19453)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19453 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS5.9AI score0.00079EPSS
Exploits2References8
Tenable Nessus
Tenable Nessusadded 2026/05/14 12:0 a.m.5 views

RHEL 9 : dovecot (RHSA-2026:17630)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17630 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS5.9AI score0.00079EPSS
Exploits2References8
Tenable Nessus
Tenable Nessusadded 2026/05/06 12:0 a.m.2 views

RockyLinux 10 : dovecot (RLSA-2026:13498)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13498 advisory. dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command CVE-2025-59032 dovecot: denial of service via crafted...

7.5CVSS5.8AI score0.00079EPSS
Exploits2References7
OSV
OSVadded 2026/04/28 12:52 p.m.4 views

USN-8136-2 dovecot regression

USN-8136-1 fixed vulnerabilities in Dovecot. The update caused a regression on Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Dovecot incorrectly handled invalid base64 SASL data. An...

5.3CVSS5.9AI score0.00029EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2026/04/13 12:0 a.m.6 views

Amazon Linux 2023 : dovecot, dovecot-devel, dovecot-mysql (ALAS2023-2026-1570)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1570 advisory. Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the configured credentials. Figuring out the...

7.5CVSS5.8AI score0.00036EPSS
Exploits2References8
Tenable Nessus
Tenable Nessusadded 2026/03/31 12:0 a.m.4 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Dovecot vulnerabilities (USN-8136-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8136-1 advisory. It was discovered that Dovecot incorrectly handled invalid base64 SASL data. An attacker could possibly use this issue to cause a...

8.2CVSS6AI score0.00083EPSS
Exploits7References12
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2006-0737

Malware in sbrugna...

5CVSS6.2AI score0.00911EPSS
Exploits0References7
Tenable Nessus
Tenable Nessusadded 2025/06/16 12:0 a.m.7 views

TencentOS Server 3: dovecot (TSSA-2022:0115)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0115 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS7.1AI score0.38348EPSS
Exploits11References11
Tenable Nessus
Tenable Nessusadded 2025/05/14 12:0 a.m.7 views

Alibaba Cloud Linux 3 : 0115: dovecot (ALINUX3-SA-2022:0115)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0115 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-11500: In Dovecot before 2.2.36.4...

9.8CVSS7.1AI score0.38348EPSS
Exploits11References11
Tenable Nessus
Tenable Nessusadded 2024/12/11 12:0 a.m.7 views

Amazon Linux 2023 : dovecot, dovecot-devel, dovecot-mysql (ALAS2023-2024-785)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-785 advisory. Dovecot reports: A DoS is possible with a large number of address headers or abnormally large email headers. CVE-2024-23184 Dovecot reports: A DoS is possible with a large number of address...

7.5CVSS6.8AI score0.00656EPSS
Exploits2References6
Ubuntu
Ubuntuadded 2024/09/16 11:52 a.m.7 views

USN-7013-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled a large number of address headers. A remote attacker could possibly use this issue to cause Dovecot to consume resources, leading to a denial of service. CVE-2024-23184 It was discovered that Dovecot incorrectly handled very large headers. A remo...

7.5CVSS7.3AI score0.00656EPSS
Exploits2
Tenable Nessus
Tenable Nessusadded 2024/09/16 12:0 a.m.12 views

Ubuntu 20.04 LTS / 22.04 LTS : Dovecot vulnerabilities (USN-7013-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7013-1 advisory. It was discovered that Dovecot incorrectly handled a large number of address headers. A remote attacker could possibly use this issue to caus...

7.5CVSS7.3AI score0.00656EPSS
Exploits2References3
Debian
Debianadded 2024/08/21 8:3 a.m.9 views

[SECURITY] [DSA 5752-1] dovecot security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5752-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2024 https://www.debian.org/security/faq -...

7.5CVSS7.1AI score0.00656EPSS
Exploits2
Tenable Nessus
Tenable Nessusadded 2022/02/09 12:0 a.m.30 views

AlmaLinux 8 : dovecot (ALSA-2020:4763)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4763 advisory. - In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can...

5.3CVSS6.7AI score0.03364EPSS
Exploits4References3
NCSC
NCSCadded 2021/06/22 12:0 a.m.2 views

Vulnerabilities fixed in Dovecot

Dovecot's developers have fixed two vulnerabilities. An authenticated remote malicious person can exploit the vulnerabilities exploit them to cause a denial-of-service, execute execute commands with application privileges or to obtain sensitive data. -= Ubuntu =- Canonical has made updates...

7.5CVSS6.9AI score0.05864EPSS
Exploits0
OSV
OSVadded 2021/06/21 1:50 p.m.2 views

USN-4993-1 dovecot vulnerabilities

Kirin discovered that Dovecot incorrectly escaped kid and azp fields in JWT tokens. A local attacker could possibly use this issue to validate tokens using arbitrary keys. This issue only affected Ubuntu 20.10 and Ubuntu 21.04. CVE-2021-29157 Fabian Ising and Damian Poddebniak discovered that...

7.5CVSS6.9AI score0.05864EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2021/01/11 12:0 a.m.33 views

GLSA-202101-01 : Dovecot: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202101-01 Dovecot: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Dovecot. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send a specially crafted mail o...

7.5CVSS7.6AI score0.03357EPSS
Exploits1References3
NCSC
NCSCadded 2021/01/05 12:0 a.m.4 views

Vulnerabilities fixed in Dovecot

A malicious party could exploit the vulnerabilities to cause a denial-of-service and to read e-mail from other users. Dovecot has released updates to fix the vulnerabilities. For more information, see the following pages: CVE-2020-24386:...

7.5CVSS6.9AI score0.03357EPSS
Exploits1
OSV
OSVadded 2021/01/04 2:4 p.m.2 views

USN-4674-1 dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users' email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. CVE-2020-24386 Innokentii Sennovskiy...

7.5CVSS7.2AI score0.03357EPSS
Exploits1References3
Rows per page
Query Builder