Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imap vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-0289
Isync 0.4 prior to 1.0.6, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary valid certificate...
Isync Project Isync 1.0.5
Isync Project Isync 1.0.4
Isync Project Isync 0.8
Isync Project Isync 0.7
Isync Project Isync 0.6
Isync Project Isync 0.5
Isync Project Isync 1.0.3
Isync Project Isync 1.0.2
Isync Project Isync 1.0.1
Isync Project Isync 1.0.0
Isync Project Isync 0.4
10
CVSSv2
CVE-2001-1009
Fetchmail (aka fetchmail-ssl) prior to 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.
Fetchmail Fetchmail 5.6.0
Fetchmail Fetchmail 5.2.1
Fetchmail Fetchmail 4.7.6
Fetchmail Fetchmail 4.6.4
Fetchmail Fetchmail 5.4.3
Fetchmail Fetchmail 5.8.4
Fetchmail Fetchmail 4.7.0
Fetchmail Fetchmail 5.8
Fetchmail Fetchmail 5.0.1
Fetchmail Fetchmail 4.7.3
Fetchmail Fetchmail 5.4.5
Fetchmail Fetchmail 4.5.2
Fetchmail Fetchmail 5.0.5
Fetchmail Fetchmail 5.2.4
Fetchmail Fetchmail 5.3.0
Fetchmail Fetchmail 4.7.4
Fetchmail Fetchmail 5.8.11
Fetchmail Fetchmail 4.6.8
Fetchmail Fetchmail 5.5.6
Fetchmail Fetchmail 5.8.2
Fetchmail Fetchmail 4.6.2
Fetchmail Fetchmail
2 EDB exploits
6.5
CVSSv2
CVE-2007-3925
Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 prior to 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
Ipswitch Imail Server
Ipswitch Ipswitch Collaboration Suite
2 EDB exploits
5
CVSSv2
CVE-2020-10957
In Dovecot prior to 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp.
Dovecot Dovecot
5
CVSSv2
CVE-2020-10958
In Dovecot prior to 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.
Dovecot Dovecot
5
CVSSv2
CVE-2020-10967
In Dovecot prior to 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
Dovecot Dovecot
6.5
CVSSv2
CVE-2008-1358
Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to execute arbitrary code via a FETCH command with a long BODY.
Altn Mdaemon 9.6.4
2 EDB exploits
5
CVSSv2
CVE-2004-1546
Multiple buffer overflows in MDaemon 6.5.1 allow remote malicious users to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server.
Alt-n Mdaemon 6.5.1
2 EDB exploits
5.8
CVSSv2
CVE-2021-20247
A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially crafted mailbox names containing '..' path components to access data outside the des...
Mbsync Project Mbsync
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Extra Packages For Enterprise Linux 8.0
10
CVSSv2
CVE-2005-1255
Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote malicious users to execute arbitrary code via a LOGIN command with (1) a long username argument...
Ipswitch Ipswitch Collaboration Suite
Ipswitch Imail 8.12
Ipswitch Imail 8.13
Ipswitch Imail Server
3 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »