Lucene search
+L

102 matches found

OSV
OSV
added 2021/05/05 4:15 p.m.9 views

UBUNTU-CVE-2021-32055

Mutt 1.11.0 through 2.0.x before 2.0.7 and NeoMutt 2019-10-25 through 2021-05-04 has a $imapqresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imapqresync setting for QRESYNC is not enabled by default...

9.1CVSS7.3AI score0.02551EPSS
Exploits0References6
OSV
OSV
added 2021/02/23 7:15 p.m.2 views

DEBIAN-CVE-2021-20247

A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially crafted mailbox names containing '..' path components to access data outside the designated mailbox on the...

7.4CVSS7.2AI score0.0188EPSS
Exploits1References1
ThreatPost
ThreatPost
added 2020/11/27 5:33 p.m.149 views

TurkeyBombing Puts New Twist on Zoom Abuse

Millions of family and friends, forced to spend Thanksgiving socially distant, are being targeted by cybercriminals as they turn to video platforms like Zoom to virtually be together. In this ongoing attack, cybersecurity experts warn, victims are targeted with a Zoom-related and...

Exploits0References12
OSV
OSV
added 2020/10/22 1:22 p.m.4 views

USN-4598-1 libetpan vulnerability

It was discovered that LibEtPan incorrectly handled STARTTLS when using IMAP, SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack. CVE-2020-15953...

7.4CVSS7.2AI score0.02413EPSS
Exploits1References2
OSV
OSV
added 2020/06/09 12:0 a.m.4 views

UBUNTU-CVE-2020-12398

If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection. This vulnerability affects Thunderbird 68.9.0...

7.5CVSS7.1AI score0.00976EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2020/04/06 12:0 a.m.48 views

dovecot security and bug fix update

1:2.2.36-6 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741787 1:2.2.36-5 - fix CVE-2019-3814: improper certificate validation 1674369 - fix CVE-2019-7524: buffer overflow in...

9.8CVSS2.4AI score0.62579EPSS
Exploits2
OpenVAS
OpenVAS
added 2019/11/30 12:0 a.m.26 views

Fedora Update for imapfilter FEDORA-2019-90925dd5aa

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.5AI score0.00946EPSS
Exploits0References2
Fedora
Fedora
added 2019/11/27 12:25 a.m.38 views

[SECURITY] Fedora 31 Update: imapfilter-2.6.15-1.fc31

IMAPFilter is a mail filtering utility. It connects to remote mail servers using the Internet Message Access Protocol IMAP, sends searching queries to the server and processes mailboxes based on the results. It can be used to delete, copy, move, flag, etc. messages residing in mailboxes at the sa...

7.5CVSS3.6AI score0.00946EPSS
Exploits0
Oracle linux
Oracle linux
added 2019/11/14 12:0 a.m.55 views

dovecot security and bug fix update

1:2.2.36-10 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741788 1:2.2.36-9 - reset errno before iterating through users 1630410 1:2.2.36-8 - fix CVE-2019-3814: improper certificate...

9.8CVSS0.6AI score0.62579EPSS
Exploits2
OSV
OSV
added 2019/10/07 2:21 p.m.5 views

OPENSUSE-SU-2019:2281-1 Security update for dovecot23

This update for dovecot23 fixes the following issues: - CVE-2019-11500: Fixed the NUL byte handling in IMAP and ManageSieve protocol parsers. bsc1145559 - CVE-2019-11499: Fixed a vulnerability where the submission-login would crash over a TLS secured channel bsc1133625. - CVE-2019-11494: Fixed a...

9.8CVSS8.6AI score0.62579EPSS
Exploits1References7
OSV
OSV
added 2019/10/02 8:48 a.m.10 views

SUSE-SU-2019:2514-1 Security update for dovecot23

This update for dovecot23 fixes the following issues: - CVE-2019-11500: Fixed the NUL byte handling in IMAP and ManageSieve protocol parsers. bsc1145559 - CVE-2019-11499: Fixed a vulnerability where the submission-login would crash over a TLS secured channel bsc1133625. - CVE-2019-11494: Fixed a...

9.8CVSS8.6AI score0.62579EPSS
Exploits1References7
OSV
OSV
added 2019/09/24 2:47 p.m.8 views

SUSE-SU-2019:2454-1 Security update for dovecot22

This update for dovecot22 fixes the following issues: - CVE-2019-11500: Fixed a potential remote code execution in the IMAP and ManageSieve protocol parsers bsc1145559...

9.8CVSS8.9AI score0.62579EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2019/09/23 12:0 a.m.68 views

dovecot security update

1:2.0.9-22.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1752708...

9.8CVSS1.7AI score0.62579EPSS
Exploits1
Oracle linux
Oracle linux
added 2019/09/23 12:0 a.m.58 views

dovecot security update

1:2.2.36-5.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741788...

9.8CVSS1.7AI score0.62579EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2019/09/20 2:11 a.m.86 views

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS7.3AI score0.62579EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2019/09/20 2:11 a.m.8 views

dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writes

A flaw was found in dovecot. IMAP and ManageSieve protocol parsers do not properly handle the NULL byte when scanning data in quoted strings which leads to an out of bounds heap memory write. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

9.8CVSS5.7AI score0.62579EPSS
Exploits1References5
Oracle linux
Oracle linux
added 2019/09/20 12:0 a.m.86 views

dovecot security update

1:2.2.36-3.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1751383...

9.8CVSS1.7AI score0.62579EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/09/09 12:0 a.m.30 views

Fedora 29 : 1:dovecot (2019-59d60bd1fa)

CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...

9.8CVSS8.2AI score0.62579EPSS
Exploits1References2
OSV
OSV
added 2019/09/08 2:9 p.m.6 views

MGASA-2019-0261 Updated dovecot packages fix security vulnerability

Updated dovecot packages fix security vulnerability: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes...

9.8CVSS8.7AI score0.62579EPSS
Exploits1References3
ArchLinux
ArchLinux
added 2019/08/28 12:0 a.m.39 views

[ASA-201908-18] dovecot: arbitrary code execution

Arch Linux Security Advisory ASA-201908-18 ========================================== Severity: Critical Date : 2019-08-28 CVE-ID : CVE-2019-11500 Package : dovecot Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1026 Summary ======= The package dovecot befo...

9.8CVSS2.2AI score0.62579EPSS
Exploits1References7
Rows per page
Query Builder