20 matches found

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2021-26952

Malware in sbrugna...

CVSS 9.8 | AI score 9.2 | EPSS 0.03331
Exploits: 0 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-53882

Malicious code in bioql PyPI...

CVSS 8.6 | AI score 6.3 | EPSS 0.00802
Exploits: 0 | References: 4

Tenable Nessus
added 2025/08/27 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2021-3657

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, an...

CVSS 9.8 | AI score 7.4 | EPSS 0.03331
Exploits: 0 | References: 2

RedhatCVE
added 2025/02/08 11:22 a.m. | 9 views

CVE-2024-37358

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations. Version 3.7.6 and 3.8.2 restrict such illegitimate...

CVSS 8.6 | AI score 6.4 | EPSS 0.00836
Exploits: 0 | References: 1

Snyk
added 2025/02/06 12:31 p.m. | 2 views

Denial of Service (DoS)

Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) through the abuse of IMAP literals. An attacker can cause unbounded memory allocation and very long computations by sending specially crafted IMAP literals. Details: Denial of Service (DoS) describes a family of...

CVSS 8.7 | AI score 7.1 | EPSS 0.00802
Exploits: 0 | References: 2

OSV
added 2025/02/06 12:31 p.m. | 3 views

GHSA-56JP-W6VW-J3JW Apache James vulnerable to denial of service through the use of IMAP literals

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations. Version 3.7.6 and 3.8.2 restrict such illegitimate...

CVSS 8.6 | AI score 5.9 | EPSS 0.00802
Exploits: 0 | References: 5

Github Security Blog
added 2025/02/06 12:31 p.m. | 13 views

Apache James vulnerable to denial of service through the use of IMAP literals

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations. Version 3.7.6 and 3.8.2 restrict such illegitimate...

CVSS 8.6 | AI score 6.4 | EPSS 0.00802
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2025/02/06 12:15 p.m. | 1 view

CVE-2024-37358

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations. Version 3.7.6 and 3.8.2 restrict such illegitimate...

CVSS 7.5 | AI score 6.1
Exploits: 0 | References: 1

NVD
added 2025/02/06 12:15 p.m. | 9 views

CVE-2024-37358

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations. Version 3.7.6 and 3.8.2 restrict such illegitimate...

CVSS 8.6 | EPSS 0.00802
Exploits: 0 | References: 1

Vulnrichment
added 2025/02/06 11:22 a.m. | 1 view

CVE-2024-37358 Apache James: denial of service through the use of IMAP literals

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations. Version 3.7.6 and 3.8.2 restrict such illegitimate...

CVSS 8.6 | AI score 6.1 | EPSS 0.00802
Exploits: 0 | References: 1

CVE
added 2025/02/06 11:22 a.m. | 85 views

CVE-2024-37358

Technical details about CVE-2024-37358 (affected software, impact, and fixes) are not provided in the connected documents. Monitor for updates.

CVSS 8.6 | AI score 8.3 | EPSS 0.00802
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2025/02/06 11:22 a.m. | 25 views

CVE-2024-37358 Apache James: denial of service through the use of IMAP literals

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations. Version 3.7.6 and 3.8.2 restrict such illegitimate...

CVSS 8.6 | EPSS 0.00802
Exploits: 0 | References: 1

Positive Technologies
added 2025/02/05 12:0 a.m. | 4 views

PT-2025-5748

Name of the Vulnerable Software and Affected Versions: Apache James versions prior to 3.7.6; Apache James versions prior to 3.8.2. Description: Apache James is susceptible to a denial of service through the misuse of IMAP literals by both authenticated and unauthenticated users. This could lead to...

CVSS 8.6 | AI score 6.2 | EPSS 0.00802
Exploits: 0 | References: 16

SUSE CVE
added 2023/02/15 3:48 a.m. | 4 views

SUSE CVE-2021-3657

A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for...

CVSS 9.8 | AI score 9.5 | EPSS 0.03331
Exploits: 0 | References: 3

Tenable Nessus
added 2022/08/11 12:0 a.m. | 41 views

GLSA-202208-15 : isync: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202208-15 isync: Multiple Vulnerabilities - A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially...

CVSS 9.8 | AI score 8.7 | EPSS 0.03662
Exploits: 1 | References: 8

Tenable Nessus
added 2022/07/01 12:0 a.m. | 60 views

Debian DLA-3066-1 : isync - LTS security update

The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3066 advisory. - A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised...

CVSS 9.8 | AI score 8.5 | EPSS 0.03331
Exploits: 1 | References: 10

NVD
added 2022/02/18 6:15 p.m. | 17 views

CVE-2021-3657

A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for...

CVSS 9.8 | EPSS 0.03331
Exploits: 0 | References: 4

Prion
added 2022/02/18 6:15 p.m. | 18 views

Buffer overflow

A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for...

CVSS 7.5 | AI score 9.6 | EPSS 0.03331
Exploits: 0 | References: 4 | Affected Software: 4

OSV
added 2022/02/18 6:15 p.m. | 3 views

UBUNTU-CVE-2021-3657

A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for...

CVSS 9.8 | AI score 6.2 | EPSS 0.03331
Exploits: 0 | References: 3

securityvulns
added 2006/12/25 12:0 a.m. | 39 views

Novell NetMail IMAP server multiple buffer overflows

Buffer overflows on STOP, APPEND commands and on IMAP literals parsing...

AI score 4.2
Exploits: 0 | References: 5 | Affected Software: 1