Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cyrus imapd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0546
Multiple buffer overflows in Cyrus IMAPd prior to 2.2.11 may allow malicious users to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews,...
Cyrus Imapd 2.0.17
Cyrus Imapd 2.1.16
Cyrus Imapd 2.1.17
Cyrus Imapd 2.1.18
Cyrus Imapd 2.2.10
NA
CVE-2011-3372
imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x prior to 2.4.12 allows remote malicious users to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
Cyrus Imapd
NA
CVE-2006-2502
Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote malicious users to execute arbitrary code via a long USER command.
Cyrus Imapd 2.3.2
3 EDB exploits
NA
CVE-2011-3481
The index_get_ids function in index.c in imapd in Cyrus IMAP Server prior to 2.4.11, when server-side threading is enabled, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
Cmu Cyrus Imap Server 2.3.13
Cmu Cyrus Imap Server 2.3.9
Cmu Cyrus Imap Server 2.3.7
Cmu Cyrus Imap Server 2.3.8
Cmu Cyrus Imap Server 2.4.8
Cmu Cyrus Imap Server 2.0.17
Cmu Cyrus Imap Server 2.2.9
Cmu Cyrus Imap Server 2.2.8
Cmu Cyrus Imap Server
Cmu Cyrus Imap Server 2.3.17
Cmu Cyrus Imap Server 2.3.15
Cmu Cyrus Imap Server 2.3.2
Cmu Cyrus Imap Server 2.4.9
Cmu Cyrus Imap Server 2.4.0
Cmu Cyrus Imap Server 2.1.16
Cmu Cyrus Imap Server 2.4.7
Cmu Cyrus Imap Server 2.3.1
Cmu Cyrus Imap Server 2.3.0
Cmu Cyrus Imap Server 2.3.14
Cmu Cyrus Imap Server 2.3.16
Cmu Cyrus Imap Server 2.3.12
Cmu Cyrus Imap Server 2.3.5
NA
CVE-2015-8078
Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote malicious users to have unspecified impact via vectors related to urlfetch range checks and the section_offset variable. NOTE: this vulnerability exists because o...
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Cyrus Imap 2.4.4
Cyrus Imap 2.3.7
Cyrus Imap 2.4.6
Cyrus Imap 2.3.4
Cyrus Imap 2.4.16
Cyrus Imap 2.4.1
Cyrus Imap 2.3.5
Cyrus Imap 2.3.17
Cyrus Imap 2.4.0
Cyrus Imap 2.4.11
Cyrus Imap 2.5.1
Cyrus Imap 2.4.8
Cyrus Imap 2.4.10
Cyrus Imap 2.3.3
Cyrus Imap 2.3.8
Cyrus Imap 2.4.2
Cyrus Imap 2.5.0
Cyrus Imap 2.4.14
Cyrus Imap 2.3.14
Cyrus Imap 2.3.1
NA
CVE-2015-8076
The index_urlfetch function in index.c in Cyrus IMAP 2.3.x prior to 2.3.19, 2.4.x prior to 2.4.18, 2.5.x prior to 2.5.4 allows remote malicious users to obtain sensitive information or possibly have unspecified other impact via vectors related to the urlfetch range, which trigger...
Opensuse Opensuse 13.2
Opensuse Leap 42.1
Cyrus Imap 2.3.0
Cyrus Imap 2.3.1
Cyrus Imap 2.3.8
Cyrus Imap 2.3.9
Cyrus Imap 2.3.16
Cyrus Imap 2.3.17
Cyrus Imap 2.4.6
Cyrus Imap 2.4.7
Cyrus Imap 2.4.14
Cyrus Imap 2.4.15
Cyrus Imap 2.3.6
Cyrus Imap 2.3.7
Cyrus Imap 2.3.14
Cyrus Imap 2.3.15
Cyrus Imap 2.4.4
Cyrus Imap 2.4.5
Cyrus Imap 2.4.12
Cyrus Imap 2.4.13
Cyrus Imap 2.5.2
Cyrus Imap 2.5.3
NA
CVE-2015-8077
Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote malicious users to have unspecified impact via vectors related to urlfetch range checks and the start_octet variable. NOTE: this vulnerability exists because of a...
Cyrus Imap 2.4.4
Cyrus Imap 2.3.7
Cyrus Imap 2.4.6
Cyrus Imap 2.3.4
Cyrus Imap 2.4.16
Cyrus Imap 2.4.1
Cyrus Imap 2.3.5
Cyrus Imap 2.3.17
Cyrus Imap 2.4.0
Cyrus Imap 2.4.11
Cyrus Imap 2.5.1
Cyrus Imap 2.4.8
Cyrus Imap 2.4.10
Cyrus Imap 2.3.3
Cyrus Imap 2.3.8
Cyrus Imap 2.4.2
Cyrus Imap 2.5.0
Cyrus Imap 2.4.14
Cyrus Imap 2.3.14
Cyrus Imap 2.3.1
Cyrus Imap 2.4.17
Cyrus Imap 2.3.13
NA
CVE-2011-3208
Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server prior to 2.3.17 and 2.4.x prior to 2.4.11 allows remote malicious users to execute arbitrary code via a crafted NNTP command.
Cmu Cyrus Imap Server 2.0.17
Cmu Cyrus Imap Server 2.1.16
Cmu Cyrus Imap Server 2.2.11
Cmu Cyrus Imap Server 2.2.9
Cmu Cyrus Imap Server 2.3.1
Cmu Cyrus Imap Server 2.3.0
Cmu Cyrus Imap Server 2.3.11
Cmu Cyrus Imap Server 2.1.17
Cmu Cyrus Imap Server 2.1.18
Cmu Cyrus Imap Server 2.2.10
Cmu Cyrus Imap Server 2.2.8
Cmu Cyrus Imap Server 2.3.15
Cmu Cyrus Imap Server 2.3.13
Cmu Cyrus Imap Server 2.3.9
Cmu Cyrus Imap Server 2.3.10
Cmu Cyrus Imap Server 2.3.14
Cmu Cyrus Imap Server 2.2.14
Cmu Cyrus Imap Server 2.2.12
Cmu Cyrus Imap Server 2.3.4
Cmu Cyrus Imap Server 2.3.12
Cmu Cyrus Imap Server 2.3.7
Cmu Cyrus Imap Server 2.3.8
NA
CVE-2004-1067
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and previous versions leads to a buffer overflow, which may allow remote malicious users to execute arbitrary code via the username.
Carnegie Mellon University Cyrus Imap Server 2.1.10
Carnegie Mellon University Cyrus Imap Server 2.1.16
Carnegie Mellon University Cyrus Imap Server 2.2.4
Carnegie Mellon University Cyrus Imap Server 2.2.5
Carnegie Mellon University Cyrus Imap Server 1.4
Carnegie Mellon University Cyrus Imap Server 1.5.19
Carnegie Mellon University Cyrus Imap Server 2.2.0 Alpha
Carnegie Mellon University Cyrus Imap Server 2.2.1 Beta
Carnegie Mellon University Cyrus Imap Server 2.2.8
Carnegie Mellon University Cyrus Imap Server 2.2.9
Carnegie Mellon University Cyrus Imap Server 2.1.7
Carnegie Mellon University Cyrus Imap Server 2.1.9
Carnegie Mellon University Cyrus Imap Server 2.2.6
Carnegie Mellon University Cyrus Imap Server 2.2.7
Carnegie Mellon University Cyrus Imap Server 2.0.12
Carnegie Mellon University Cyrus Imap Server 2.0.16
Carnegie Mellon University Cyrus Imap Server 2.2.2 Beta
Carnegie Mellon University Cyrus Imap Server 2.2.3
Ubuntu Ubuntu Linux 4.1
Redhat Fedora Core Core 2.0
Redhat Fedora Core Core 3.0
NA
CVE-2011-1926
The STARTTLS implementation in Cyrus IMAP Server prior to 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a...
Cmu Cyrus Imap Server 2.4.2
Cmu Cyrus Imap Server 2.4.1
Cmu Cyrus Imap Server 2.4.0
Cmu Cyrus Imap Server 2.3.3
Cmu Cyrus Imap Server 2.3.2
Cmu Cyrus Imap Server 2.3.1
Cmu Cyrus Imap Server 2.3.0
Cmu Cyrus Imap Server 2.1.16
Cmu Cyrus Imap Server 2.3.11
Cmu Cyrus Imap Server 2.0.17
Cmu Cyrus Imap Server
Cmu Cyrus Imap Server 2.4.5
Cmu Cyrus Imap Server 2.3.7
Cmu Cyrus Imap Server 2.3.6
Cmu Cyrus Imap Server 2.3.12
Cmu Cyrus Imap Server 2.2.12
Cmu Cyrus Imap Server 2.2.11
Cmu Cyrus Imap Server 2.3.16
Cmu Cyrus Imap Server 2.3.14
Cmu Cyrus Imap Server 2.2.13
Cmu Cyrus Imap Server 2.3.9
Cmu Cyrus Imap Server 2.3.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »