SUSE CVE-2018-0499

A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...

FreeBSD : dovecot -- multiple vulnerabilities (74db0d02-b140-4c32-aac6-1f1e81e1ad30)

Aki Tuomi reports : lib-smtp doesn't handle truncated command parameters properly, resulting in infinite loop taking 100% CPU for the process. This happens for LMTP where it doesn't matter so much and also for submission-login where unauthenticated users can trigger it. Aki also reports : Snippet...

CVE-2020-7957

The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing character exists. This causes a denial of service in which the recipient cannot read all of their messages...

ALPINE-CVE-2020-7957

The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing character exists. This causes a denial of service in which the recipient cannot read all of their messages...

CVE-2020-7957

The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing character exists. This causes a denial of service in which the recipient cannot read all of their messages...

CVE-2020-7957

The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing character exists. This causes a denial of service in which the recipient cannot read all of their messages...

CVE-2020-7957

The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing character exists. This causes a denial of service in which the recipient cannot read all of their messages...

PT-2020-19876 · Dovecot +1 · Dovecot +1

Name of the Vulnerable Software and Affected Versions: Dovecot versions 2.3.9 through 2.3.9.2 Description: The issue arises from the mishandling of snippet generation by the IMAP and LMTP components when a large number of characters must be read to compute the snippet and a trailing character...

dovecot -- multiple vulnerabilities

Aki Tuomi reports: lib-smtp doesn't handle truncated command parameters properly, resulting in infinite loop taking 100% CPU for the process. This happens for LMTP where it doesn't matter so much and also for submission-login where unauthenticated users can trigger it. Aki also reports: Snippet...

DEBIAN-CVE-2018-0499

A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...