Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postfix postfix vulnerabilities and exploits
(subscribe to this query)
1.9
CVSSv2
CVE-2008-2937
Postfix 2.5 prior to 2.5.4 and 2.6 prior to 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.
Postfix Postfix 2.5.2
Postfix Postfix 2.5.3
Postfix Postfix 2.6.0
Postfix Postfix 2.5.0
Postfix Postfix 2.5.1
7.5
CVSSv2
CVE-2007-3791
Buffer overflow in the w_read function in sockets.c in Cami Sardinha and Nigel Kukard policyd prior to 1.81 for Postfix allows remote malicious users to cause a denial of service and possibly execute arbitrary code via long SMTP commands. NOTE: some of these details are obtained ...
Policyd Policyd 1.71
Policyd Policyd 1.72
Policyd Policyd 1.73
Policyd Policyd 1.80
Policyd Policyd 1.74
Policyd Policyd 1.75
Policyd Policyd 1.70
Policyd Policyd 1.78
Policyd Policyd 1.79
Policyd Policyd 1.76
Policyd Policyd 1.77
7.5
CVSSv2
CVE-2006-2753
SQL injection vulnerability in MySQL 4.1.x prior to 4.1.20 and 5.0.x prior to 5.0.22 allows context-dependent malicious users to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the m...
Mysql Mysql 4.1.14
Mysql Mysql 4.1.15
Oracle Mysql 4.1.4
Oracle Mysql 4.1.5
Mysql Mysql 5.0.10
Oracle Mysql 5.0.11
Oracle Mysql 5.0.12
Oracle Mysql 5.0.19
Mysql Mysql 5.0.2
Oracle Mysql 5.0.6
Oracle Mysql 5.0.7
Mysql Mysql 4.1.12
Mysql Mysql 4.1.13
Mysql Mysql 4.1.2
Mysql Mysql 4.1.3
Mysql Mysql 5.0.0
Mysql Mysql 5.0.1
Mysql Mysql 4.1.0
Oracle Mysql 4.1.1
Oracle Mysql 4.1.16
Oracle Mysql 4.1.17
Oracle Mysql 4.1.6
7.5
CVSSv2
CVE-2006-2313
PostgreSQL 8.1.x prior to 8.1.4, 8.0.x prior to 8.0.8, 7.4.x prior to 7.4.13, 7.3.x prior to 7.3.15, and previous versions versions allows context-dependent malicious users to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, a...
Postgresql Postgresql 7.3
Postgresql Postgresql 7.3.2
Postgresql Postgresql 7.3.3
Postgresql Postgresql 7.4.1
Postgresql Postgresql 7.4.10
Postgresql Postgresql 7.4.6
Postgresql Postgresql 7.4.7
Postgresql Postgresql 8.0.4
Postgresql Postgresql 8.0.5
Postgresql Postgresql 7.3.13
Postgresql Postgresql 7.3.14
Postgresql Postgresql 7.3.8
Postgresql Postgresql 7.3.9
Postgresql Postgresql 7.4
Postgresql Postgresql 7.4.4
Postgresql Postgresql 7.4.5
Postgresql Postgresql 8.0.2
Postgresql Postgresql 8.0.3
Postgresql Postgresql 8.1.3
Postgresql Postgresql 7.3.1
Postgresql Postgresql 7.3.10
Postgresql Postgresql 7.3.4
7.5
CVSSv2
CVE-2006-2314
PostgreSQL 8.1.x prior to 8.1.4, 8.0.x prior to 8.0.8, 7.4.x prior to 7.4.13, 7.3.x prior to 7.3.15, and previous versions versions allows context-dependent malicious users to bypass SQL injection protection methods in applications that use multibyte encodings that allow the &quo...
Postgresql Postgresql 7.3
Postgresql Postgresql 7.3.1
Postgresql Postgresql 7.3.3
Postgresql Postgresql 7.3.4
Postgresql Postgresql 7.4.1
Postgresql Postgresql 7.4.10
Postgresql Postgresql 7.4.7
Postgresql Postgresql 7.4.8
Postgresql Postgresql 8.0.5
Postgresql Postgresql 8.0.6
Postgresql Postgresql 7.3.14
Postgresql Postgresql 7.3.2
Postgresql Postgresql 7.3.10
Postgresql Postgresql 7.3.9
Postgresql Postgresql 7.4
Postgresql Postgresql 7.4.5
Postgresql Postgresql 7.4.6
Postgresql Postgresql 8.0.3
Postgresql Postgresql 8.0.4
Postgresql Postgresql 8.1.3
Postgresql Postgresql 7.3.11
Postgresql Postgresql 7.3.5
2.6
CVSSv2
CVE-2006-1721
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions prior to 2.1.21, allows remote unauthenticated malicious users to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation...
Cyrus Sasl 2.1.18 R1
Cyrus Sasl 2.1.18 R2
Cyrus Sasl 2.1.19
Cyrus Sasl 2.1.20
Cyrus Sasl 2.1.18
7.5
CVSSv2
CVE-2005-1100
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote malicious users to execute arbitrary code via format string specifiers in data that is passed directly to syslog.
Salim Gasmi Gld 1.3
Salim Gasmi Gld 1.4
1 EDB exploit
7.5
CVSSv2
CVE-2005-0337
Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote malicious users to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.
Wietse Venema Postfix 2.1.3
Redhat Enterprise Linux 4.0
Suse Suse Linux 9.0
Suse Suse Linux 9.1
Suse Suse Linux 8.2
Suse Suse Linux 8.0
Suse Suse Linux 8.1
Redhat Enterprise Linux Desktop 4.0
Suse Suse Linux 9.2
5
CVSSv2
CVE-2005-1127
Format string vulnerability in the log function in Net::Server 0.87 and previous versions, as used in Postfix Greylisting Policy Server (Postgrey) 1.18 and previous versions, and possibly other products, allows remote malicious users to cause a denial of service (crash) via forma...
Postgrey Postgrey 1.18
Postgrey Postgrey
Postgrey Postgrey 1.17
10
CVSSv2
CVE-2005-1099
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote malicious users to execute arbitrary code.
Salim Gasmi Gld 1.3.1
Salim Gasmi Gld 1.4
Salim Gasmi Gld 1.0
Salim Gasmi Gld 1.1
Salim Gasmi Gld 1.2
Salim Gasmi Gld 1.3
3 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »