Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Carnegie Mellon University Security Vulnerabilities

cve
cve

CVE-2000-0956

cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.

6.7AI Score

0.0004EPSS

2001-01-22 05:00 AM
31
cve
cve

CVE-2001-1154

Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients.

7.1AI Score

0.01EPSS

2002-03-15 05:00 AM
24
cve
cve

CVE-2002-1580

Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.

9.9AI Score

0.426EPSS

2004-06-14 04:00 AM
37
In Wild
cve
cve

CVE-2004-1011

Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.

9.7AI Score

0.104EPSS

2005-01-10 05:00 AM
46
cve
cve

CVE-2004-1012

The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memo...

9.3AI Score

0.085EPSS

2005-01-10 05:00 AM
37
cve
cve

CVE-2004-1013

The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corru...

9.5AI Score

0.107EPSS

2005-01-10 05:00 AM
49
cve
cve

CVE-2004-1015

Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.

9.7AI Score

0.104EPSS

2005-01-10 05:00 AM
30
cve
cve

CVE-2004-1067

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.

9.7AI Score

0.035EPSS

2005-01-10 05:00 AM
35
cve
cve

CVE-2006-0250

Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162.

7.7AI Score

0.132EPSS

2006-01-18 02:00 AM
73
cve
cve

CVE-2009-0688

Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.

9.6AI Score

0.407EPSS

2009-05-15 03:30 PM
62