Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imap vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2013-0289
Isync 0.4 prior to 1.0.6, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary valid certificate...
Isync Project Isync 1.0.5
Isync Project Isync 1.0.4
Isync Project Isync 0.8
Isync Project Isync 0.7
Isync Project Isync 0.6
Isync Project Isync 0.5
Isync Project Isync 1.0.3
Isync Project Isync 1.0.2
Isync Project Isync 1.0.1
Isync Project Isync 1.0.0
Isync Project Isync 0.4
660
VMScore
CVE-2007-3925
Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 prior to 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
Ipswitch Imail Server
Ipswitch Ipswitch Collaboration Suite
2 EDB exploits
1000
VMScore
CVE-2001-1009
Fetchmail (aka fetchmail-ssl) prior to 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.
Fetchmail Fetchmail 5.6.0
Fetchmail Fetchmail 5.2.1
Fetchmail Fetchmail 4.7.6
Fetchmail Fetchmail 4.6.4
Fetchmail Fetchmail 5.4.3
Fetchmail Fetchmail 5.8.4
Fetchmail Fetchmail 4.7.0
Fetchmail Fetchmail 5.8
Fetchmail Fetchmail 5.0.1
Fetchmail Fetchmail 4.7.3
Fetchmail Fetchmail 5.4.5
Fetchmail Fetchmail 4.5.2
Fetchmail Fetchmail 5.0.5
Fetchmail Fetchmail 5.2.4
Fetchmail Fetchmail 5.3.0
Fetchmail Fetchmail 4.7.4
Fetchmail Fetchmail 5.8.11
Fetchmail Fetchmail 4.6.8
Fetchmail Fetchmail 5.5.6
Fetchmail Fetchmail 5.8.2
Fetchmail Fetchmail 4.6.2
Fetchmail Fetchmail
2 EDB exploits
445
VMScore
CVE-2020-10957
In Dovecot prior to 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp.
Dovecot Dovecot
445
VMScore
CVE-2020-10958
In Dovecot prior to 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.
Dovecot Dovecot
445
VMScore
CVE-2020-10967
In Dovecot prior to 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
Dovecot Dovecot
660
VMScore
CVE-2008-1358
Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to execute arbitrary code via a FETCH command with a long BODY.
Altn Mdaemon 9.6.4
2 EDB exploits
510
VMScore
CVE-2004-1546
Multiple buffer overflows in MDaemon 6.5.1 allow remote malicious users to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server.
Alt-n Mdaemon 6.5.1
2 EDB exploits
516
VMScore
CVE-2021-20247
A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially crafted mailbox names containing '..' path components to access data outside the des...
Mbsync Project Mbsync
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Extra Packages For Enterprise Linux 8.0
1000
VMScore
CVE-2005-1255
Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote malicious users to execute arbitrary code via a LOGIN command with (1) a long username argument...
Ipswitch Ipswitch Collaboration Suite
Ipswitch Imail 8.12
Ipswitch Imail 8.13
Ipswitch Imail Server
3 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »