34 matches found
DEBIAN-CVE-2026-42256
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational...
EUVD-2026-28925
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational...
Moderate: Red Hat Security Advisory: python3.9 security update
An update for python3.9 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...
MiracleLinux 7 : rh-ruby27-ruby-2.7.4-130.el7 (AXSA:2021-2423:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2423:02 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...
EUVD-2003-1292
Malware in sbrugna...
EUVD-2003-0163
Malware in sbrugna...
EUVD-2007-3247
Malware in sbrugna...
EUVD-2014-4293
Malware in sbrugna...
EUVD-2008-2822
Malware in sbrugna...
Medium: ruby3.2
Issue Overview: Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in net-imap's response parser. At any time while the...
SUSE CVE-2002-2215
The imapheader function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822writeaddress function...
ruby: StartTLS stripping vulnerability in Net::IMAP
Ruby's Net::IMAP module did not raise an exception when receiving an unexpected response to the STARTTLS command and the connection was not upgraded to use TLS. A man-in-the-middle attacker could use this flaw to prevent Ruby applications using Net::IMAP to enable TLS encryption for a connection ...
Rocky Linux 8 : thunderbird (RLSA-2021:2883)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:2883 advisory. - If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS...
OPENSUSE-SU-2019:2278-1 Security update for dovecot23
This update for dovecot23 fixes the following issue: - CVE-2019-11500: Fixed the NUL byte handling in IMAP and ManageSieve protocol parsers. bsc1145559 - CVE-2019-11499: Fixed a vulnerability where the submission-login would crash over a TLS secured channel bsc1133625. - CVE-2019-11494: Fixed a...
PT-2019-3525 · Dovecot +3
Name of the Vulnerable Software and Affected Versions: Dovecot versions 2.3.3 through 2.3.5.2 Description: The issue is related to the implementation of the Internet Message Access Protocol (IMAP) in the Dovecot mail server, specifically a null pointer dereference. This can be exploited by a remote...
CVE-2012-2124
functions/imapgeneral.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to...
Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow Exploit
No description provided by source...
Mandrake Linux Security Advisory : php (MDKSA-2006:122)
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function. One instance in gdiodp.c does not appear to be corrected in the...
Crlf injection
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimapmailboxselect command, aka "IMAP injection."...
[Full-disclosure] Rockliffe Directory Transversal Vulnerability
Synopsis: Rockliffe's Mailsite Imap Directory Transversal Vulnerability. Product: Rockliffe Mailsite http://www.rockliffe.com Version: Confirmed on Mailsite 6.1.22.1 Author: Josh Zlatin-Amishav Date: January 4, 2006 Background: Rockliffe MailSite secure email server software and MailSite MP secur...