Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imap vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3925
Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 prior to 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
Ipswitch Ipswitch Collaboration Suite
Ipswitch Imail Server
2 EDB exploits
NA
CVE-2001-1009
Fetchmail (aka fetchmail-ssl) prior to 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.
Fetchmail Fetchmail 5.8.13
Fetchmail Fetchmail 5.8.11
Fetchmail Fetchmail 5.8.5
Fetchmail Fetchmail 5.8.4
Fetchmail Fetchmail 5.4.4
Fetchmail Fetchmail 5.4.3
Fetchmail Fetchmail 5.3.8
Fetchmail Fetchmail 5.3.3
Fetchmail Fetchmail 5.0.6
Fetchmail Fetchmail 5.0.5
Fetchmail Fetchmail 5.0.4
Fetchmail Fetchmail 5.8.2
Fetchmail Fetchmail 5.8
Fetchmail Fetchmail 5.5.2
Fetchmail Fetchmail 5.4.5
Fetchmail Fetchmail 5.3.1
Fetchmail Fetchmail 5.2.8
Fetchmail Fetchmail 5.1.0
Fetchmail Fetchmail 5.0.7
Fetchmail Fetchmail 5.0.0
Fetchmail Fetchmail 4.7.6
Fetchmail Fetchmail 4.7.1
2 EDB exploits
7.5
CVSSv3
CVE-2020-10957
In Dovecot prior to 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp.
Dovecot Dovecot
5.3
CVSSv3
CVE-2020-10958
In Dovecot prior to 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.
Dovecot Dovecot
5.3
CVSSv3
CVE-2020-10967
In Dovecot prior to 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
Dovecot Dovecot
NA
CVE-2008-1358
Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to execute arbitrary code via a FETCH command with a long BODY.
Altn Mdaemon 9.6.4
2 EDB exploits
NA
CVE-2004-1546
Multiple buffer overflows in MDaemon 6.5.1 allow remote malicious users to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server.
Alt-n Mdaemon 6.5.1
2 EDB exploits
7.4
CVSSv3
CVE-2021-20247
A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially crafted mailbox names containing '..' path components to access data outside the des...
Mbsync Project Mbsync
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Extra Packages For Enterprise Linux 8.0
NA
CVE-2005-1255
Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote malicious users to execute arbitrary code via a LOGIN command with (1) a long username argument...
Ipswitch Imail 8.12
Ipswitch Imail 8.13
Ipswitch Ipswitch Collaboration Suite
Ipswitch Imail Server
3 EDB exploits
NA
CVE-2006-0188
webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote malicious users to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than what is normally identified ...
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4 Rc1
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »