Lucene search
K

22 matches found

NVD
NVD
added 2026/02/19 9:18 p.m.8 views

CVE-2026-26312

Stalwart is a mail and collaboration server. A denial-of-service vulnerability exists in Stalwart Mail Server versions 0.13.0 through 0.15.4 where accessing a specially crafted email containing malformed nested message/rfc822 MIME parts via IMAP or JMAP causes excessive CPU and memory consumption...

6.5CVSS0.00353EPSS
Exploits1References1
OSV
OSV
added 2026/02/19 9:5 p.m.16 views

CVE-2026-26312 Stalwart Mail Server has Out-of-Memory Denial of Service via Malformed Nested MIME Messages

Stalwart is a mail and collaboration server. A denial-of-service vulnerability exists in Stalwart Mail Server versions 0.13.0 through 0.15.4 where accessing a specially crafted email containing malformed nested message/rfc822 MIME parts via IMAP or JMAP causes excessive CPU and memory consumption...

6.5CVSS5.6AI score0.00353EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/19 9:5 p.m.5 views

CVE-2026-26312 Stalwart Mail Server has Out-of-Memory Denial of Service via Malformed Nested MIME Messages

Stalwart is a mail and collaboration server. A denial-of-service vulnerability exists in Stalwart Mail Server versions 0.13.0 through 0.15.4 where accessing a specially crafted email containing malformed nested message/rfc822 MIME parts via IMAP or JMAP causes excessive CPU and memory consumption...

6.5CVSS5.5AI score0.00353EPSS
Exploits1References1
CVE
CVE
added 2026/02/19 9:5 p.m.15 views

CVE-2026-26312

Stalwart Mail Server vulnerable in versions 0.13.0–0.15.4 to an out-of-memory Denial-of-Service when processing specially crafted emails with malformed nested message/rfc822 MIME parts via IMAP or JMAP. The issue stems from the mail-parser crate producing cyclical references that the server then ...

6.5CVSS5.6AI score0.00353EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2021/10/22 5:9 p.m.5 views

CLSA-2021-1634922570 Fixed CVEs in dovecot: CVE-2020-25275, CVE-2020-12100

CVE-2020-12100: Resource exhaustion via deeply nested MIME parts - CVE-2020-25275: Denial of service via mail MIME parsing...

7.5CVSS6.8AI score0.05215EPSS
Exploits2References1
OSV
OSV
added 2021/02/10 6:41 p.m.4 views

MGASA-2021-0078 Updated perl-Email-MIME and perl-Email-MIME-ContentType packages fix security vulnerability

Messages with too many tiny nested MIME parts can lead to memory exhaustion on split, resulting in denial of service rhbz1835353 This update limits the number of nested MIME parts to 10 by default, to avoid a possible memory exhaustion issue with lots of tiny MIME parts...

7AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.29 views

CentOS 8 : dovecot (CESA-2020:3713)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:3713 advisory. - dovecot: Resource exhaustion via deeply nested MIME parts CVE-2020-12100 - dovecot: Out of bound reads in dovecot NTLM implementation CVE-2020-12673 ...

7.5CVSS6.8AI score0.06187EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2020/09/14 12:48 p.m.3 views

dovecot: Resource exhaustion via deeply nested MIME parts

A flaw was found in dovecot. A remote attacker could cause a denial of service by repeatedly sending emails containing MIME parts containing malicious content of which dovecot will attempt to parse. The highest threat from this vulnerability is to system availability...

7.5CVSS6.7AI score0.05215EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2020/09/14 12:48 p.m.58 views

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS6.8AI score0.06187EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2020/09/14 12:0 a.m.34 views

CentOS 7 : dovecot (RHSA-2020:3617)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3617 advisory. - In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource...

7.5CVSS6.7AI score0.06187EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2020/09/03 10:41 a.m.3 views

dovecot: Resource exhaustion via deeply nested MIME parts

A flaw was found in dovecot. A remote attacker could cause a denial of service by repeatedly sending emails containing MIME parts containing malicious content of which dovecot will attempt to parse. The highest threat from this vulnerability is to system availability...

7.5CVSS6.7AI score0.05215EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2020/09/03 12:0 a.m.23 views

RHEL 7 : dovecot (RHSA-2020:3617)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3617 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...

7.5CVSS6.9AI score0.06187EPSS
Exploits4References8
OSV
OSV
added 2020/08/17 12:32 p.m.5 views

USN-4456-2 dovecot vulnerabilities

USN-4456-1 fixed several vulnerabilities in Dovecot. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to...

7.5CVSS6.8AI score0.06187EPSS
Exploits4References4
OSV
OSV
added 2020/08/12 4:15 p.m.3 views

ALPINE-CVE-2020-12100

In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource consumption via a crafted e-mail message with deeply nested MIME parts...

7.5CVSS6.7AI score0.05215EPSS
Exploits2References1
OSV
OSV
added 2020/08/12 1:42 p.m.4 views

USN-4456-1 dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to consume resources, resulting in a denial of service. CVE-2020-12100 It was discovered that Dovecot incorrectly handled memory when using NTLM. A remote...

7.5CVSS6.8AI score0.06187EPSS
Exploits4References4
OSV
OSV
added 2020/08/12 12:0 p.m.2 views

UBUNTU-CVE-2020-12100

In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource consumption via a crafted e-mail message with deeply nested MIME parts...

7.5CVSS6.8AI score0.05215EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2020/06/04 12:0 a.m.27 views

Fedora 32 : perl-Email-MIME / perl-Email-MIME-ContentType (2020-22764f623f)

This update limits the number of nested MIME parts to 10 by default, to avoid a possible memory exhaustion issue with lots of tiny MIME parts. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...

5.5AI score
Exploits0References1
Microsoft KB
Microsoft KB
added 2020/04/21 12:0 a.m.4 views

Update that protects from internal URL port scanning is available for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Embedded Standard 7, Windows Server 2008 R2, Windows 8, Windows RT, and Windows Server 2012

Update that protects from internal URL port scanning is available for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Embedded Standard 7, Windows Server 2008 R2, Windows 8, Windows RT, and Windows Server 2012 Introduction This update is available for Windo...

6.4AI score
Exploits0
OSV
OSV
added 2006/06/07 11:6 p.m.2 views

DEBIAN-CVE-2006-1173

Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and migh...

5CVSS6.8AI score0.05078EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2004/04/20 12:0 a.m.39 views

eudora61.pl

Eudora 6.1 on Windows is evil - have tested "Light Mode" free only so far, do not know if "Sponsored Mode" or "Paid Mode" would be any different. Do not use: stay away from Eudora, or maybe use version 6.0.3. --- Attachment spoof, LaunchProtect:...

7.4AI score
Exploits0
Rows per page
Query Builder