Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dovecot vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2011-2167
script-login in Dovecot 2.0.x prior to 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
Dovecot Dovecot 2.0.10
Dovecot Dovecot 2.0.2
Dovecot Dovecot 2.0.3
Dovecot Dovecot 2.0.9
Dovecot Dovecot 2.0.4
Dovecot Dovecot 2.0.5
Dovecot Dovecot 2.0.6
Dovecot Dovecot 2.0.11
Dovecot Dovecot 2.0.0
Dovecot Dovecot 2.0.1
Dovecot Dovecot 2.0.7
Dovecot Dovecot 2.0.8
Dovecot Dovecot 2.0.12
6.4
CVSSv2
CVE-2010-3304
The ACL plugin in Dovecot 1.2.x prior to 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote malicious users to read mailboxes that have unintended weak ACLs.
Dovecot Dovecot 1.2.2
Dovecot Dovecot 1.2.3
Dovecot Dovecot 1.2.12
Dovecot Dovecot 1.2.10
Dovecot Dovecot 1.2.11
Dovecot Dovecot 1.2.8
Dovecot Dovecot 1.2.9
Dovecot Dovecot 1.2.4
Dovecot Dovecot 1.2.5
Dovecot Dovecot 1.2.0
Dovecot Dovecot 1.2.1
Dovecot Dovecot 1.2.6
Dovecot Dovecot 1.2.7
4.4
CVSSv2
CVE-2008-1199
Dovecot prior to 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
Dovecot Dovecot 1.0.4
Dovecot Dovecot 1.0.5
Dovecot Dovecot 1.0.beta7
Dovecot Dovecot 1.0.beta8
Dovecot Dovecot 1.0.rc2
Dovecot Dovecot 1.0.rc3
Dovecot Dovecot 1.0 Rc29
Dovecot Dovecot 1.0
Dovecot Dovecot 1.0.10
Dovecot Dovecot 1.0.8
Dovecot Dovecot 1.0.9
Dovecot Dovecot 1.0.rc11
Dovecot Dovecot 1.0.rc12
Dovecot Dovecot 1.0.rc13
Dovecot Dovecot 1.0.rc6
Dovecot Dovecot 1.0.rc7
Dovecot Dovecot 0.99.13
Dovecot Dovecot 0.99.14
Dovecot Dovecot 1.0.6
Dovecot Dovecot 1.0.7
Dovecot Dovecot 1.0.rc1
Dovecot Dovecot 1.0.rc10
7.5
CVSSv2
CVE-2009-3235
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 prior to 1.0.4 and 1.1 prior to 1.1.7, as derived from Cyrus libsieve, allow context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE scr...
Dovecot Dovecot 1.0.2
Dovecot Dovecot 1.0.3
Dovecot Dovecot 1.1.5
Dovecot Dovecot 1.1.6
Dovecot Dovecot 1.0.1
Dovecot Dovecot 1.1.1
Dovecot Dovecot 1.1.2
Dovecot Dovecot 1.1
Dovecot Dovecot 1.1.0
Dovecot Dovecot 1.0
Dovecot Dovecot 1.1.3
Dovecot Dovecot 1.1.4
5
CVSSv2
CVE-2010-0745
Unspecified vulnerability in Dovecot 1.2.x prior to 1.2.11 allows remote malicious users to cause a denial of service (CPU consumption) via long headers in an e-mail message.
Dovecot Dovecot 1.2.10
Dovecot Dovecot 1.2.0
Dovecot Dovecot 1.2.7
Dovecot Dovecot 1.2.3
Dovecot Dovecot 1.2.4
Dovecot Dovecot 1.2.1
Dovecot Dovecot 1.2.2
Dovecot Dovecot 1.2.8
Dovecot Dovecot 1.2.9
Dovecot Dovecot 1.2.5
Dovecot Dovecot 1.2.6
4.3
CVSSv2
CVE-2007-2231
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot prior to 1.0.rc29, when using the zlib plugin, allows remote malicious users to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
Dovecot Dovecot 1.0.beta4
Dovecot Dovecot 1.0.beta5
Dovecot Dovecot 1.0.rc11
Dovecot Dovecot 1.0.rc12
Dovecot Dovecot 1.0.rc2
Dovecot Dovecot 1.0.rc20
Dovecot Dovecot 1.0.rc27
Dovecot Dovecot 1.0.rc28
Dovecot Dovecot 1.0.rc9
Dovecot Dovecot 1.0.beta2
Dovecot Dovecot 1.0.beta3
Dovecot Dovecot 1.0.rc1
Dovecot Dovecot 1.0.rc10
Dovecot Dovecot 1.0.rc18
Dovecot Dovecot 1.0.rc19
Dovecot Dovecot 1.0.rc25
Dovecot Dovecot 1.0.rc26
Dovecot Dovecot 1.0.rc7
Dovecot Dovecot 1.0.rc8
Dovecot Dovecot 1.0.beta6
Dovecot Dovecot 1.0.beta7
Dovecot Dovecot 1.0.rc13
5
CVSSv2
CVE-2013-2111
The IMAP functionality in Dovecot prior to 2.2.2 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via invalid APPEND parameters.
Dovecot Dovecot 2.2
Dovecot Dovecot 2.2.0
Dovecot Dovecot
4.3
CVSSv2
CVE-2008-4907
The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote malicious users to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "...
Dovecot Dovecot 1.1.4
Dovecot Dovecot 1.1.5
1 EDB exploit
NA
CVE-2022-30550
An issue exists in the auth component in Dovecot 2.2 and 2.3 prior to 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied setti...
Dovecot Dovecot
Dovecot Dovecot 2.2
Debian Debian Linux 10.0
5
CVSSv2
CVE-2006-5973
Off-by-one buffer overflow in Dovecot 1.0test53 up to and including 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vec...
Timo Sirainen Dovecot 1.0.alpha5
Timo Sirainen Dovecot 1.0.beta1
Timo Sirainen Dovecot 1.0.beta8
Timo Sirainen Dovecot 1.0.beta9
Timo Sirainen Dovecot 1.0.rc1
Timo Sirainen Dovecot 1.0.rc3
Timo Sirainen Dovecot 1.0.rc4
Timo Sirainen Dovecot 1.0.test54
Timo Sirainen Dovecot 1.0.test55
Timo Sirainen Dovecot 1.0.test63
Timo Sirainen Dovecot 1.0.test64
Timo Sirainen Dovecot 1.0.test71
Timo Sirainen Dovecot 1.0.test72
Timo Sirainen Dovecot 1.0.test79
Timo Sirainen Dovecot 1.0.test80
Timo Sirainen Dovecot 1.0.alpha3
Timo Sirainen Dovecot 1.0.alpha4
Timo Sirainen Dovecot 1.0.beta6
Timo Sirainen Dovecot 1.0.beta7
Timo Sirainen Dovecot 1.0.rc14
Timo Sirainen Dovecot 1.0.rc2
Timo Sirainen Dovecot 1.0.rc9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »