Filter
redhat/dovecotIMAP and ManageSieve protocol parsers do not properly handle NUL byte when scanning data in quoted s…
9.8
First published (updated )
Dovecot DovecotAn issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb …
8.8
First published (updated )
Fedoraproject Fedoralib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 dat…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ubuntu/dovecotIn Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service be…
7.5
First published (updated )
ubuntu/dovecotIn Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service b…
7.5
First published (updated )
ubuntu/dovecotIn Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attack…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Dovecot DovecotThe ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fedoraproject FedoraIn the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH …
7.5
First published (updated )
Dovecot DovecotThe JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication s…
7.5
First published (updated )
Dovecot DovecotAn issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can …
6.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Dovecot DovecotArgument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when usin…
6.8
First published (updated )
Dovecot DovecotDovecot before 1.0.10, with certain configuration options including use of %variables, does not prop…
6.8
First published (updated )
Dovecot Dovecotscript-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration setting…
6.5
First published (updated )
Dovecot DovecotThe ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in ce…
6.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Dovecot DovecotThe ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to sa…
First published (updated )
Fedoraproject FedoraThe ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote atta…
5.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.