CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

SUSE CVE•added 2023/02/15 4:0 a.m.•3 views

SUSE CVE-2020-10967

In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart...

5.3CVSS7.2AI score0.03364EPSS

Exploits3References7

RedHat Linux•added 2020/11/04 1:48 a.m.•3 views

dovecot: sending mail with empty quoted localpart leads to DoS

In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart...

5.3CVSS6.7AI score0.03364EPSS

Exploits3References5

Veracode•added 2020/08/06 9:34 p.m.•20 views

Denial Of Service (DoS)

Dovecot is vulnerable to denial of service DoS. A remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart...

5.3CVSS4AI score0.03364EPSS

Exploits3References18Affected Software1

CNVD•added 2020/05/19 12:0 a.m.•1 views

Dovecot Input Validation Error Vulnerability (CNVD-2020-30670)

Dovecot is an open source based on Linux/UNIX-like systems IMAP and POP3 mail server . Dovecot suffers from an input validation error vulnerability. An attacker can exploit this vulnerability by sending an email with an empty localpart to cause the local mail transport protocol or the commit...

5.3CVSS8.6AI score0.03364EPSS

Exploits3References1

OSV•added 2020/05/18 3:15 p.m.•1 views

ALPINE-CVE-2020-10967

In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart...

5.3CVSS7.2AI score0.03364EPSS

Exploits3References1

OSV•added 2020/05/18 3:15 p.m.•1 views

DEBIAN-CVE-2020-10967

In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart...

5.3CVSS6.6AI score0.03364EPSS

Exploits3References1

NVD•added 2020/05/18 3:15 p.m.•15 views

CVE-2020-10967

In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart...

5.3CVSS6.2AI score0.03364EPSS

Exploits3References13

Prion•added 2020/05/18 3:15 p.m.•22 views

Code injection

In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart...

5CVSS5.9AI score0.03364EPSS

Exploits3References13Affected Software1

CVE•added 2020/05/18 2:2 p.m.•252 views

CVE-2020-10967

CVE-2020-10967 affects Dovecot before 2.3.10.1. The issue resides in the lmtp/submission path where handling an email with an empty localpart can crash the target, causing denial of service. Public advisories summarize this alongside other fixes for CVEs 10957/10958, with exploitation vector remo...

5.3CVSS6.1AI score0.03364EPSS

Exploits3References13Affected Software1