Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
DovecotDovecot

53 matches found

CVE
CVEadded 2009/11/24 5:30 p.m.50 views

CVE-2009-3897

Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory its...

5.5CVSS5.4AI score0.00079EPSS
CVE
CVEadded 2013/12/09 4:36 p.m.50 views

CVE-2013-6171

checkpassword-reply in Dovecot before 2.2.7 performs setuid operations to a user who is authenticating, which allows local users to bypass authentication and access virtual email accounts by attaching to the process and using a restricted file descriptor to modify account information in the respons...

5.8CVSS7.3AI score0.00227EPSS
CVE
CVEadded 2017/02/17 2:59 a.m.49 views

CVE-2016-8652

The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows a remote attackers to cause a denial of service (crash) by aborting authentication without setting a username.

5.9CVSS5.5AI score0.09597EPSS
Total number of security vulnerabilities53