1397 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-49393
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their...
Linux Distros Unpatched Vulnerability : CVE-2024-49394
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed ema...
Linux Distros Unpatched Vulnerability : CVE-2020-14954
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a begin TLS response, th...
Linux Distros Unpatched Vulnerability : CVE-2018-14349
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message. CVE-2018-14349 Note that...
Linux Distros Unpatched Vulnerability : CVE-2018-14353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imapquotestring in imap/util.c has an integer underflow. CVE-2018-14353 Note that...
Linux Distros Unpatched Vulnerability : CVE-2020-14154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...
Linux Distros Unpatched Vulnerability : CVE-2014-9116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The writeoneheader function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a...
Linux Distros Unpatched Vulnerability : CVE-2018-14355
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles .. directory traversal in a mailbox name. CVE-2018-14355 Not...
Linux Distros Unpatched Vulnerability : CVE-2018-14356
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero- length UID. CVE-2018-14356 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2020-14093
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. CVE-2020-14093 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2018-14354
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote...
The vulnerability of Mutt and NeoMutt email clients, related to errors in verifying the cryptographic signature, allows a hacker to alter the list of trusted recipients and expose the encrypted information.
The vulnerability of Mutt and NeoMutt email clients stems from errors in verifying the cryptographic signature when processing header fields. Exploiting this vulnerability could allow a malicious actor to alter the list of trusted recipients and expose the sensitive information being protected...
The vulnerability of the --hidden-recipient mode in Mutt and NeoMutt email clients, which allows a hacker to disclose protected information.
The vulnerability of the “--hidden-recipient” mode in Mutt and NeoMutt clients is related to incorrect processing of header fields during PGP encryption. Exploiting this vulnerability can allow a remote attacker to disclose the protected information...
CVE-2011-1429 affecting package mutt 2.2.12-1
CVE-2011-1429 affecting package mutt 2.2.12-1. No patch is available currently...
SUSE CVE-2024-49393
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality...
SUSE CVE-2024-49394
In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender...
SUSE CVE-2024-49395
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info...
DEBIAN-CVE-2024-49395
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info...
CVE-2024-49395
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info...
DEBIAN-CVE-2024-49394
In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender...