Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dovecot dovecot 1.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3235
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 prior to 1.0.4 and 1.1 prior to 1.1.7, as derived from Cyrus libsieve, allow context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE scr...
Dovecot Dovecot 1.0.2
Dovecot Dovecot 1.0.3
Dovecot Dovecot 1.1.5
Dovecot Dovecot 1.1.6
Dovecot Dovecot 1.0.1
Dovecot Dovecot 1.1.1
Dovecot Dovecot 1.1.2
Dovecot Dovecot 1.1
Dovecot Dovecot 1.1.0
Dovecot Dovecot 1.0
Dovecot Dovecot 1.1.3
Dovecot Dovecot 1.1.4
NA
CVE-2009-2632
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 prior to 1.0.4 and 1.1 prior to 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted S...
Cmu Cyrus Imap Server 2.2.13
Cmu Cyrus Imap Server 2.3.14
NA
CVE-2008-5301
Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote malicious users to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
Dovecot Dovecot 1.0.12
Dovecot Dovecot 1.0.3
Dovecot Dovecot 1.0.9
Dovecot Dovecot 1.1
Dovecot Dovecot 1.0
Dovecot Dovecot 1.0.2
Dovecot Dovecot 1.0.10
Dovecot Dovecot 1.0.6
Dovecot Dovecot 1.1.2
Dovecot Dovecot 1.1.3
Dovecot Dovecot 1.0.4
Dovecot Dovecot 1.0.5
Dovecot Dovecot 1.1.0
Dovecot Dovecot 1.1.1
Dovecot Dovecot 0.99.13
Dovecot Dovecot 0.99.14
Dovecot Dovecot 1.0.7
Dovecot Dovecot 1.0.8
Dovecot Dovecot 1.1.4
Dovecot Dovecot 1.1.5
NA
CVE-2008-4578
The ACL plugin in Dovecot prior to 1.1.4 allows malicious users to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
Dovecot Dovecot 1.0.rc15
Dovecot Dovecot 1.0.rc14
Dovecot Dovecot 1.0.7
Dovecot Dovecot 1.0.rc22
Dovecot Dovecot 1.0.9
Dovecot Dovecot 1.0.rc25
Dovecot Dovecot 0.99.13
Dovecot Dovecot 1.0.beta2
Dovecot Dovecot 1.0.5
Dovecot Dovecot 1.0.beta6
Dovecot Dovecot 1.0.rc13
Dovecot Dovecot 1.0.rc5
Dovecot Dovecot 1.1.0
Dovecot Dovecot 1.1.1
Dovecot Dovecot 1.0.12
Dovecot Dovecot 1.1
Dovecot Dovecot 1.0.rc20
Dovecot Dovecot 1.0.rc2
Dovecot Dovecot 1.0.8
Dovecot Dovecot 1.0.rc23
Dovecot Dovecot 1.0.rc26
Dovecot Dovecot 1.0.beta1
NA
CVE-2008-1218
Argument injection vulnerability in Dovecot 1.0.x prior to 1.0.13, and 1.1.x prior to 1.1.rc3, when using blocking passdbs, allows remote malicious users to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable th...
Dovecot Dovecot
1 EDB exploit
NA
CVE-2008-1199
Dovecot prior to 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
Dovecot Dovecot 1.0.4
Dovecot Dovecot 1.0.5
Dovecot Dovecot 1.0.beta7
Dovecot Dovecot 1.0.beta8
Dovecot Dovecot 1.0.rc2
Dovecot Dovecot 1.0.rc3
Dovecot Dovecot 1.0 Rc29
Dovecot Dovecot 1.0
Dovecot Dovecot 1.0.10
Dovecot Dovecot 1.0.8
Dovecot Dovecot 1.0.9
Dovecot Dovecot 1.0.rc11
Dovecot Dovecot 1.0.rc12
Dovecot Dovecot 1.0.rc13
Dovecot Dovecot 1.0.rc6
Dovecot Dovecot 1.0.rc7
Dovecot Dovecot 0.99.13
Dovecot Dovecot 0.99.14
Dovecot Dovecot 1.0.6
Dovecot Dovecot 1.0.7
Dovecot Dovecot 1.0.rc1
Dovecot Dovecot 1.0.rc10
NA
CVE-2007-6598
Dovecot prior to 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
Dovecot Dovecot
NA
CVE-2007-2231
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot prior to 1.0.rc29, when using the zlib plugin, allows remote malicious users to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
Dovecot Dovecot 1.0.beta4
Dovecot Dovecot 1.0.beta5
Dovecot Dovecot 1.0.rc11
Dovecot Dovecot 1.0.rc12
Dovecot Dovecot 1.0.rc2
Dovecot Dovecot 1.0.rc20
Dovecot Dovecot 1.0.rc27
Dovecot Dovecot 1.0.rc28
Dovecot Dovecot 1.0.rc9
Dovecot Dovecot 1.0.beta2
Dovecot Dovecot 1.0.beta3
Dovecot Dovecot 1.0.rc1
Dovecot Dovecot 1.0.rc10
Dovecot Dovecot 1.0.rc18
Dovecot Dovecot 1.0.rc19
Dovecot Dovecot 1.0.rc25
Dovecot Dovecot 1.0.rc26
Dovecot Dovecot 1.0.rc7
Dovecot Dovecot 1.0.rc8
Dovecot Dovecot 1.0.beta6
Dovecot Dovecot 1.0.beta7
Dovecot Dovecot 1.0.rc13
NA
CVE-2006-5973
Off-by-one buffer overflow in Dovecot 1.0test53 up to and including 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vec...
Timo Sirainen Dovecot 1.0.alpha5
Timo Sirainen Dovecot 1.0.beta1
Timo Sirainen Dovecot 1.0.beta8
Timo Sirainen Dovecot 1.0.beta9
Timo Sirainen Dovecot 1.0.rc1
Timo Sirainen Dovecot 1.0.rc3
Timo Sirainen Dovecot 1.0.rc4
Timo Sirainen Dovecot 1.0.test54
Timo Sirainen Dovecot 1.0.test55
Timo Sirainen Dovecot 1.0.test63
Timo Sirainen Dovecot 1.0.test64
Timo Sirainen Dovecot 1.0.test71
Timo Sirainen Dovecot 1.0.test72
Timo Sirainen Dovecot 1.0.test79
Timo Sirainen Dovecot 1.0.test80
Timo Sirainen Dovecot 1.0.alpha3
Timo Sirainen Dovecot 1.0.alpha4
Timo Sirainen Dovecot 1.0.beta6
Timo Sirainen Dovecot 1.0.beta7
Timo Sirainen Dovecot 1.0.rc14
Timo Sirainen Dovecot 1.0.rc2
Timo Sirainen Dovecot 1.0.rc9
NA
CVE-2006-2414
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote malicious users to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
Timo Sirainen Dovecot 1.0 Beta7
Timo Sirainen Dovecot 1.0 Beta2
Timo Sirainen Dovecot 1.0 Beta3
Timo Sirainen Dovecot 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started