Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fetchmail fetchmail vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2021-39272
Fetchmail prior to 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
Fetchmail Fetchmail
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.5
CVSSv3
CVE-2021-36386
report_vbuild in report.c in Fetchmail prior to 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use ...
Fetchmail Fetchmail
Fedoraproject Fedora 33
Fedoraproject Fedora 34
8.8
CVSSv3
CVE-2020-5239
In Mailu before version 1.7, an authenticated user can exploit a vulnerability in Mailu fetchmail script and gain full access to a Mailu instance. Mailu servers that have open registration or untrusted users are most impacted. The master and 1.7 branches are patched on our git re...
Mailu Mailu
1 Github repository
NA
CVE-2012-3482
Fetchmail 5.0.8 up to and including 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder...
Fetchmail Fetchmail 5.2.4
Fetchmail Fetchmail 5.2.7
Fetchmail Fetchmail 5.2.8
Fetchmail Fetchmail 5.4.4
Fetchmail Fetchmail 5.4.5
Fetchmail Fetchmail 5.7.0
Fetchmail Fetchmail 5.7.2
Fetchmail Fetchmail 5.8.2
Fetchmail Fetchmail 5.8.3
Fetchmail Fetchmail 5.9.13
Fetchmail Fetchmail 5.9.4
Fetchmail Fetchmail 6.3.14
Fetchmail Fetchmail 6.3.13
Fetchmail Fetchmail 6.3.6
Fetchmail Fetchmail 6.2.9
Fetchmail Fetchmail 6.2.6
Fetchmail Fetchmail 6.3.7
Fetchmail Fetchmail 6.3.5
Fetchmail Fetchmail 6.3.4
Fetchmail Fetchmail 6.2.1
Fetchmail Fetchmail 6.0.0
Fetchmail Fetchmail 5.2.1
NA
CVE-2011-1947
fetchmail 5.9.9 up to and including 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets.
Fetchmail Fetchmail 6.3.6
Fetchmail Fetchmail 6.3.16
Fetchmail Fetchmail 6.3.9
Fetchmail Fetchmail 6.3.11
Fetchmail Fetchmail 6.2.3
Fetchmail Fetchmail 6.2.5
Fetchmail Fetchmail 6.2.9
Fetchmail Fetchmail 6.2.0
Fetchmail Fetchmail 6.1.0
Fetchmail Fetchmail 5.9.10
Fetchmail Fetchmail 5.9.13
Fetchmail Fetchmail 6.3.14
Fetchmail Fetchmail 6.3.13
Fetchmail Fetchmail 6.3.17
Fetchmail Fetchmail 6.3.10
Fetchmail Fetchmail 6.2.5.1
Fetchmail Fetchmail 6.3.3
Fetchmail Fetchmail 6.3.2
Fetchmail Fetchmail 5.9.9
Fetchmail Fetchmail 5.9.11
Fetchmail Fetchmail 6.3.18
Fetchmail Fetchmail 6.2.4
NA
CVE-2010-4778
Multiple cross-site scripting (XSS) vulnerabilities in fetchmailprefs.php in Horde IMP prior to 4.3.8, and Horde Groupware Webmail Edition prior to 1.2.7, allow remote malicious users to inject arbitrary web script or HTML via the (1) username (aka fmusername), (2) password (aka ...
Horde Imp 4.0.3
Horde Imp 4.1.6
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 4.2.2
Horde Imp 4.2
Horde Imp 3.2.7
Horde Imp 4.0
Horde Imp 3.2
Horde Imp 3.2.2
Horde Imp 2.2
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 3.2.4
Horde Imp 3.2.3
Horde Imp 3.2.6
Horde Imp 3.2.5
Horde Imp 4.1.3
Horde Imp 4.0.4
Horde Imp 2.2.4
Horde Imp 4.3.6
Horde Imp 2.0
NA
CVE-2010-3695
Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP prior to 4.3.8, and Horde Groupware Webmail Edition prior to 1.2.7, allows remote malicious users to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related t...
Horde Imp 4.1.3
Horde Imp 4.0.4
Horde Imp 2.2.1
Horde Imp 4.1.5
Horde Imp 4.0.3
Horde Imp 2.2.5
Horde Imp 4.3.5
Horde Imp 4.2.2
Horde Imp 4.3
Horde Imp 4.3.2
Horde Imp 3.2.7
Horde Imp 3.2
Horde Imp 3.1.2
Horde Imp 3.2.2
Horde Imp 2.2.2
Horde Imp 2.0
Horde Imp 4.3.3
Horde Imp 3.2.4
Horde Imp 3.2.3
Horde Imp 2.2.8
Horde Imp 3.1
Horde Imp 4.0.2
1 EDB exploit
NA
CVE-2010-1167
fetchmail 4.6.3 up to and including 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote malicious users to cause a denial of service (memory consumption and application crash) via a crafted (1) message h...
Fetchmail Fetchmail 6.2.9
Fetchmail Fetchmail 6.3.8
Fetchmail Fetchmail 6.2.5
Fetchmail Fetchmail 6.2.3
Fetchmail Fetchmail 5.9.11
Fetchmail Fetchmail 5.9.10
Fetchmail Fetchmail 5.9.8
Fetchmail Fetchmail 5.8.4
Fetchmail Fetchmail 5.8.3
Fetchmail Fetchmail 5.5.6
Fetchmail Fetchmail 5.5.5
Fetchmail Fetchmail 5.3.3
Fetchmail Fetchmail 5.3.1
Fetchmail Fetchmail 5.2.0
Fetchmail Fetchmail 5.1.4
Fetchmail Fetchmail 5.0.3
Fetchmail Fetchmail 5.0.2
Fetchmail Fetchmail 4.7.2
Fetchmail Fetchmail 4.7.1
Fetchmail Fetchmail 4.6.4
Fetchmail Fetchmail 4.6.3
Fetchmail Fetchmail 6.1.3
NA
CVE-2010-0562
The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificat...
Fetchmail Fetchmail 6.3.11
Fetchmail Fetchmail 6.3.12
Fetchmail Fetchmail 6.3.13
NA
CVE-2009-2666
socket.c in fetchmail prior to 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrary SSL servers via a crafted certificate...
Fetchmail Fetchmail 6.3.5
Fetchmail Fetchmail 6.3.3
Fetchmail Fetchmail 6.2.5.4
Fetchmail Fetchmail 6.2.6
Fetchmail Fetchmail 6.2.0
Fetchmail Fetchmail 6.1.0
Fetchmail Fetchmail 5.9.4
Fetchmail Fetchmail 5.8.14
Fetchmail Fetchmail 5.8.13
Fetchmail Fetchmail 5.8
Fetchmail Fetchmail 5.7.2
Fetchmail Fetchmail 5.5.0
Fetchmail Fetchmail 5.4.5
Fetchmail Fetchmail 5.2.7
Fetchmail Fetchmail 5.2.4
Fetchmail Fetchmail 5.0.7
Fetchmail Fetchmail 5.0.6
Fetchmail Fetchmail 4.7.7
Fetchmail Fetchmail 4.7.6
Fetchmail Fetchmail 4.6.8
Fetchmail Fetchmail 4.6.7
Fetchmail Fetchmail 4.6.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »