20 matches found
EUVD-2021-26952
Malware in sbrugna...
EUVD-2024-53882
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-3657
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large =2GiB IMAP literals, malicious or compromised IMAP servers, an...
CVE-2024-37358
Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS through the abuse of IMAP literals. An attacker can cause unbounded memory allocation and very long computations by sending specially crafted IMAP literals. Details Denial of Service DoS describes a family of...
GHSA-56JP-W6VW-J3JW Apache James vulnerable to denial of service through the use of IMAP literals
Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...
Apache James vulnerable to denial of service through the use of IMAP literals
Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...
CVE-2024-37358
Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...
CVE-2024-37358
Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...
CVE-2024-37358 Apache James: denial of service through the use of IMAP literals
Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...
CVE-2024-37358
Technical details about CVE-2024-37358 (affected software, impact, and fixes) are not provided in the connected documents. Monitor for updates.
CVE-2024-37358 Apache James: denial of service through the use of IMAP literals
Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate...
PT-2025-5748
Name of the Vulnerable Software and Affected Versions: Apache James versions prior to 3.7.6 Apache James versions prior to 3.8.2 Description: Apache James is susceptible to a denial of service through the misuse of IMAP literals by both authenticated and unauthenticated users. This could lead to...
SUSE CVE-2021-3657
A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large =2GiB IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for...
GLSA-202208-15 : isync: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202208-15 isync: Multiple Vulnerabilities - A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially...
Debian DLA-3066-1 : isync - LTS security update
The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3066 advisory. - A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised...
CVE-2021-3657
A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large =2GiB IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for...
Buffer overflow
A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large =2GiB IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for...
UBUNTU-CVE-2021-3657
A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large =2GiB IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for...
Novell NetMail IMAP server multiple buffer overflows
Buffer overflows on STOP, APPEND commands and on IMAP literals parsing...