Lucene search
K

26 matches found

CloudLinux
CloudLinux
added 2026/05/21 3:39 p.m.10 views

dovecot: Fix of 2 CVEs

CVE-2026-42006: lib-imap: fix listcountlimit to actually count open '' instead of close '', preventing an imap-login memory-exhaustion DoS that bypassed the CVE-2026-27857 fix...

7.5CVSS5.8AI score0.00454EPSS
Exploits0
OSV
OSV
added 2026/05/21 10:45 a.m.12 views

CLSA-2026-1779360319 dovecot: Fix of CVE-2026-42006

CVE-2026-42006: fix imap-login listcountlimit to actually limit open '' characters; the previous fix limited closing '' instead, leaving the bracing memory exhaustion vector open...

7.5CVSS5.8AI score0.00454EPSS
Exploits0References1
OSV
OSV
added 2026/05/21 10:44 a.m.12 views

CLSA-2026-1779360288 dovecot: Fix of CVE-2026-42006

CVE-2026-42006: fix imap-login listcountlimit to actually limit open '' characters; the previous fix limited closing '' instead, leaving the bracing memory exhaustion vector open...

7.5CVSS5.8AI score0.00454EPSS
Exploits0References1
CloudLinux
CloudLinux
added 2026/05/13 8:59 a.m.9 views

dovecot: Fix of CVE-2026-27857

CVE-2026-27857: imap-login: limit IMAP parser open lists to prevent excessive memory usage...

7.5CVSS5.8AI score0.00667EPSS
Exploits1
OSV
OSV
added 2026/05/05 11:8 p.m.10 views

CLSA-2026-1778022490 dovecot: Fix of CVE-2026-27857

CVE-2026-27857: limit number of open IMAP parser lists in imap-login to prevent excessive memory usage DoS via deeply-nested parentheses...

7.5CVSS5.8AI score0.00667EPSS
Exploits1References1
OSV
OSV
added 2026/05/05 10:25 a.m.6 views

CLSA-2026-1777976700 dovecot: Fix of CVE-2026-27857

CVE-2026-27857: limit the number of open IMAP parser lists in imap-login to prevent excessive memory usage from deeply nested parentheses e.g. NOOP...

7.5CVSS5.8AI score0.00667EPSS
Exploits1References1
OSV
OSV
added 2026/05/05 1:57 a.m.19 views

CLSA-2026-1777946242 php: Fix of 13 CVEs

CVE-2018-14883: fix int overflow leading to heap overflow in exifthumbnailextract - CVE-2019-6977: fix imagecolormatch out-of-bounds write on heap in GD - CVE-2019-9022: fix memcpy with negative length via crafted DNS response - CVE-2019-9640: fix invalid read in exifprocessSOFn - CVE-2019-11042:...

8.8CVSS7AI score0.9523EPSS
Exploits21References1
Ubuntu
Ubuntu
added 2026/03/31 9:48 a.m.6 views

USN-8136-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled invalid base64 SASL data. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 25.10. CVE-2025-59028 It was discovered that Dovecot script decode2text.sh incorrectly handled zip files. An attacke...

8.2CVSS6AI score0.0079EPSS
Exploits7
OSV
OSV
added 2026/03/31 9:48 a.m.8 views

USN-8136-1 dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled invalid base64 SASL data. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 25.10. CVE-2025-59028 It was discovered that Dovecot script decode2text.sh incorrectly handled zip files. An attacke...

8.2CVSS6AI score0.0079EPSS
Exploits7References12
Debian CVE
Debian CVE
added 2026/03/27 8:10 a.m.3 views

CVE-2026-27857

Sending "NOOP ..." command with 4000 parenthesis open+close results in 1MB extra memory usage. Longer commands will result in client disconnection. This 1 MB can be left allocated for longer time periods by not sending the command ending LF. So attacker could connect possibly from even a single I...

7.5CVSS5.4AI score0.00667EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2026/03/27 12:0 a.m.5 views

CVE-2026-27857

Sending "NOOP ..." command with 4000 parenthesis open+close results in 1MB extra memory usage. Longer commands will result in client disconnection. This 1 MB can be left allocated for longer time periods by not sending the command ending LF. So attacker could connect possibly from even a single I...

7.5CVSS5.9AI score0.00667EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2012-2126

Malware in sbrugna...

5CVSS6.1AI score0.02451EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-1162

Malware in sbrugna...

7.8CVSS6.4AI score0.02102EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-2817

Malware in sbrugna...

5CVSS6.3AI score0.04048EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2010-2813

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - functions/imapgeneral.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial ...

5CVSS6.7AI score0.04048EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.26 views

RHEL 3 : squirrelmail (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - SquirrelMail: Mail Fetch plugin -- port-scans via non-standard POP3 server ports CVE-2010-1637 -...

6.5CVSS7AI score0.04048EPSS
Exploits0References2
CNVD
CNVD
added 2015/04/30 12:0 a.m.5 views

Dovecot imap-login TLS Handshake Denial of Service Vulnerability

Dovecot is an open source based on Linux/UNIX-like systems IMAP and POP3 mail server . A denial of service vulnerability exists in Dovecot version 2.2.16 and earlier. Due to an imap-login related error in the program's handling of forced SSLv3 connections. An attacker can exploit the vulnerabilit...

5.9CVSS6.7AI score0.02842EPSS
Exploits0References1
OSV
OSV
added 2014/05/17 12:38 a.m.8 views

MGASA-2014-0223 Updated dovecot packages fix security vulnerability

Updated dovecot packages fix security vulnerability. Dovecot before 2.2.13 is vulnerable to a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly...

5CVSS6.1AI score0.03331EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2013/01/18 11:48 a.m.25 views

CVE-2012-2124

functions/imapgeneral.php in SquirrelMail, as used in Red Hat Enterprise Linux RHEL 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service disk consumption by making many IMAP login attempts with different usernames, leading to...

5CVSS5.9AI score0.02451EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2010/08/25 12:0 a.m.42 views

Mercur Messaging 2005 - IMAP Login Buffer Overflow (Metasploit)

$Id: mercurlogin.rb 10150 2010-08-25 20:55:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

10CVSS7AI score0.68147EPSS
Exploits12
Rows per page
Query Builder