Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mutt mutt vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2009-3765
mutt_ssl.c in mutt 1.5.19 and 1.5.20, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrary SSL servers via...
Mutt Mutt 1.5.19
Mutt Mutt 1.5.20
605
VMScore
CVE-2009-3766
mutt_ssl.c in mutt 1.5.16 and other versions prior to 1.5.19, when OpenSSL is used, does not verify the domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary valid cer...
Mutt Mutt
605
VMScore
CVE-2009-1390
Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) GnuTLS (mutt_ssl_gnutls.c), allows connections when only one TLS certificate in the chain is accepted instead of verifying the entire chain, which allows remote malicious users to spoof trusted servers via a man-in-...
Mutt Mutt 1.5.19
516
VMScore
CVE-2021-32055
Mutt 1.11.0 up to and including 2.0.x prior to 2.0.7 (and NeoMutt 2019-10-25 through 2021-05-04) has a $imap_qresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imap_qresync setting for QRESYNC is not...
Mutt Mutt
Neomutt Neomutt
516
VMScore
CVE-2020-14154
Mutt prior to 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.
Mutt Mutt
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
516
VMScore
CVE-2011-1429
Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle malicious users to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766.
Mutt Mutt
445
VMScore
CVE-2022-1328
Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 prior to 2.2.3 allows read past end of input line
Mutt Mutt
Debian Debian Linux 9.0
Fedoraproject Fedora 36
445
VMScore
CVE-2018-14355
An issue exists in Mutt prior to 1.10.1 and NeoMutt prior to 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Mutt Mutt
Neomutt Neomutt
Canonical Ubuntu Linux 16.04
445
VMScore
CVE-2018-14363
An issue exists in NeoMutt prior to 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Neomutt Neomutt
445
VMScore
CVE-2014-9116
The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote malicious users to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt...
Suse Linux Enterprise Desktop 12
Suse Suse Linux Enterprise Server 12
Mutt Mutt 1.5.23
Debian Debian Linux 7.0
Mageia Mageia 4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »