Lucene search
K

14 matches found

NVD
NVD
added 2026/02/19 9:18 p.m.10 views

CVE-2026-26312

Stalwart is a mail and collaboration server. A denial-of-service vulnerability exists in Stalwart Mail Server versions 0.13.0 through 0.15.4 where accessing a specially crafted email containing malformed nested message/rfc822 MIME parts via IMAP or JMAP causes excessive CPU and memory consumption...

6.5CVSS0.00353EPSS
Exploits1References1
CVE
CVE
added 2026/02/19 9:5 p.m.15 views

CVE-2026-26312

Stalwart Mail Server vulnerable in versions 0.13.0–0.15.4 to an out-of-memory Denial-of-Service when processing specially crafted emails with malformed nested message/rfc822 MIME parts via IMAP or JMAP. The issue stems from the mail-parser crate producing cyclical references that the server then ...

6.5CVSS5.6AI score0.00353EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2021/10/22 5:9 p.m.6 views

CLSA-2021-1634922570 Fixed CVEs in dovecot: CVE-2020-25275, CVE-2020-12100

CVE-2020-12100: Resource exhaustion via deeply nested MIME parts - CVE-2020-25275: Denial of service via mail MIME parsing...

7.5CVSS6.8AI score0.05215EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.30 views

CentOS 8 : dovecot (CESA-2020:3713)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:3713 advisory. - dovecot: Resource exhaustion via deeply nested MIME parts CVE-2020-12100 - dovecot: Out of bound reads in dovecot NTLM implementation CVE-2020-12673 ...

7.5CVSS6.8AI score0.06187EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2020/09/14 12:48 p.m.3 views

dovecot: Resource exhaustion via deeply nested MIME parts

A flaw was found in dovecot. A remote attacker could cause a denial of service by repeatedly sending emails containing MIME parts containing malicious content of which dovecot will attempt to parse. The highest threat from this vulnerability is to system availability...

7.5CVSS6.7AI score0.05215EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2020/09/14 12:48 p.m.58 views

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS6.8AI score0.06187EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2020/09/14 12:0 a.m.34 views

CentOS 7 : dovecot (RHSA-2020:3617)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3617 advisory. - In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource...

7.5CVSS6.7AI score0.06187EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2020/09/03 10:41 a.m.3 views

dovecot: Resource exhaustion via deeply nested MIME parts

A flaw was found in dovecot. A remote attacker could cause a denial of service by repeatedly sending emails containing MIME parts containing malicious content of which dovecot will attempt to parse. The highest threat from this vulnerability is to system availability...

7.5CVSS6.7AI score0.05215EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2020/09/03 12:0 a.m.23 views

RHEL 7 : dovecot (RHSA-2020:3617)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3617 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS6.9AI score0.06187EPSS
Exploits4References8
OSV
OSV
added 2020/08/17 12:32 p.m.5 views

USN-4456-2 dovecot vulnerabilities

USN-4456-1 fixed several vulnerabilities in Dovecot. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to...

7.5CVSS6.8AI score0.06187EPSS
Exploits4References4
OSV
OSV
added 2020/08/12 4:15 p.m.3 views

ALPINE-CVE-2020-12100

In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource consumption via a crafted e-mail message with deeply nested MIME parts...

7.5CVSS6.7AI score0.05215EPSS
Exploits2References1
OSV
OSV
added 2020/08/12 1:42 p.m.4 views

USN-4456-1 dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to consume resources, resulting in a denial of service. CVE-2020-12100 It was discovered that Dovecot incorrectly handled memory when using NTLM. A remote...

7.5CVSS6.8AI score0.06187EPSS
Exploits4References4
OSV
OSV
added 2020/08/12 12:0 p.m.2 views

UBUNTU-CVE-2020-12100

In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource consumption via a crafted e-mail message with deeply nested MIME parts...

7.5CVSS6.8AI score0.05215EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2020/06/04 12:0 a.m.27 views

Fedora 32 : perl-Email-MIME / perl-Email-MIME-ContentType (2020-22764f623f)

This update limits the number of nested MIME parts to 10 by default, to avoid a possible memory exhaustion issue with lots of tiny MIME parts. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...

5.5AI score
Exploits0References1
Rows per page
Query Builder