8 matches found
CVE-2019-18862
GNU Mailutils: maidag (the url handler) is installed with setuid root prior to version 3.8, enabling local privilege escalation in url mode. Affected: GNU Mailutils 2.x–3.7. Impact/notes: escalation to root via manipulation of url parameter; exploitation details exist in public advisories and exp...
CVE-2005-1522
The CVE-2005-1522 issue affects the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90. Authenticated remote users can trigger a denial of service (CPU consumption) by sending a large range value in the FETCH command. The connected advisories confirm a denial-of-service ...
CVE-2005-2878
CVE-2005-2878 is a format-string vulnerability in GNU Mailutils imap4d’s SEARCH handling. An authenticated attacker could exploit it to execute arbitrary code with imap4d privileges. Debian and Gentoo advisories (DSA-841-1, GLSA 200509-10) document the fix to mailutils 0.6.1-4sarge1 and related p...
CVE-2005-1520
According to the connected advisories, CVE-2005-1520 affects GNU mailutils 0.5 and 0.6 (and pre-0.6.90); it is caused by a buffer overflow in header_get_field_name() in header.c, enabling remote code execution via a crafted email. Remediation in provided documents points to updating to fixed pack...
CVE-2005-1523
CVE-2005-1523: GNU Mailutils imap4d has a format-string vulnerability in IMAP command tags that allows remote code execution. Affected: imap4d before 0.6.90 (and 0.5/0.6). Impact: arbitrary code execution with IMAP service privileges. Mitigation: upgrade to a version where the issue is fixed (pe...
CVE-2005-1521
CVE-2005-1521 affects GNU Mailutils 0.5/0.6 and versions earlier than 0.6.90. The description identifies an integer overflow in the imap4d fetch_io function that can cause a heap-based buffer overflow, enabling a remote attacker to execute arbitrary code via a partial message request with a large END para...
CVE-2005-1824
CVE-2005-1824 affects GNU Mailutils when built with the mysql or postgres USE flag: the sql_escape_string function in the mailutils auth/sql.c module fails to properly escape the backslash, enabling SQL command injection. Impact: a remote attacker could inject SQL commands into the underlying dat...
CVE-2004-0984
Technical details about CVE-2004-0984 are not publicly provided in the supplied documents; affected components, root cause, and remediation are not specified. Monitor for updates.