Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dovecot dovecot - vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-3420
The ssl-proxy-openssl.c function in Dovecot prior to 2.2.17, when SSLv3 is disabled, allow remote malicious users to cause a denial of service (login process crash) via vectors related to handshake failures.
Dovecot Dovecot
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Fedoraproject Fedora 22
5
CVSSv2
CVE-2013-2111
The IMAP functionality in Dovecot prior to 2.2.2 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via invalid APPEND parameters.
Dovecot Dovecot 2.2
Dovecot Dovecot 2.2.0
Dovecot Dovecot
5.8
CVSSv2
CVE-2013-6171
checkpassword-reply in Dovecot prior to 2.2.7 performs setuid operations to a user who is authenticating, which allows local users to bypass authentication and access virtual email accounts by attaching to the process and using a restricted file descriptor to modify account infor...
Dovecot Dovecot 2.0.12
Dovecot Dovecot 2.0.13
Dovecot Dovecot 2.0.6
Dovecot Dovecot 2.0.7
Dovecot Dovecot 2.1
Dovecot Dovecot 2.1.0
Dovecot Dovecot 2.1.15
Dovecot Dovecot 2.1.2
Dovecot Dovecot 2.2.5
Dovecot Dovecot 2.2.4
Dovecot Dovecot 2.2
Dovecot Dovecot 2.0
Dovecot Dovecot 2.0.14
Dovecot Dovecot 2.0.15
Dovecot Dovecot 2.0.8
Dovecot Dovecot 2.0.9
Dovecot Dovecot 2.1.1
Dovecot Dovecot 2.1.10
Dovecot Dovecot 2.1.3
Dovecot Dovecot 2.1.4
Dovecot Dovecot 2.2.3
Dovecot Dovecot 2.2.2
5.8
CVSSv2
CVE-2011-4318
Dovecot 2.0.x prior to 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle mali...
Dovecot Dovecot 2.0.3
Dovecot Dovecot 2.0.4
Dovecot Dovecot 2.0.5
Dovecot Dovecot 2.0.6
Dovecot Dovecot 2.0.7
Dovecot Dovecot 2.0.1
Dovecot Dovecot 2.0.8
Dovecot Dovecot 2.0.10
Dovecot Dovecot 2.0.0
Dovecot Dovecot 2.0.2
Dovecot Dovecot 2.0.9
Dovecot Dovecot 2.0.11
Dovecot Dovecot 2.0.12
Dovecot Dovecot 2.0.13
Dovecot Dovecot 2.0.14
Dovecot Dovecot 2.0.15
5
CVSSv2
CVE-2011-1929
lib-mail/message-header-parser.c in Dovecot 1.2.x prior to 1.2.17 and 2.0.x prior to 2.0.13 does not properly handle '\0' characters in header names, which allows remote malicious users to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-ma...
Dovecot Dovecot 1.2.2
Dovecot Dovecot 1.2.3
Dovecot Dovecot 1.2.13
Dovecot Dovecot 1.2.15
Dovecot Dovecot 1.2.9
Dovecot Dovecot 1.2.10
Dovecot Dovecot 1.2.1
Dovecot Dovecot 1.2.12
Dovecot Dovecot 1.2.0
Dovecot Dovecot 1.2.4
Dovecot Dovecot 1.2.5
Dovecot Dovecot 1.2.14
Dovecot Dovecot 1.2.16
Dovecot Dovecot 1.2.11
Dovecot Dovecot 1.2.8
Dovecot Dovecot 1.2.6
Dovecot Dovecot 1.2.7
Dovecot Dovecot 2.0.3
Dovecot Dovecot 2.0.0
Dovecot Dovecot 2.0.11
Dovecot Dovecot 2.0.12
Dovecot Dovecot 2.0.5
6.5
CVSSv2
CVE-2011-2166
script-login in Dovecot 2.0.x prior to 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
Dovecot Dovecot 2.0.9
Dovecot Dovecot 2.0.4
Dovecot Dovecot 2.0.7
Dovecot Dovecot 2.0.8
Dovecot Dovecot 2.0.1
Dovecot Dovecot 2.0.12
Dovecot Dovecot 2.0.10
Dovecot Dovecot 2.0.5
Dovecot Dovecot 2.0.2
Dovecot Dovecot 2.0.6
Dovecot Dovecot 2.0.11
Dovecot Dovecot 2.0.3
Dovecot Dovecot 2.0.0
6.5
CVSSv2
CVE-2011-2167
script-login in Dovecot 2.0.x prior to 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
Dovecot Dovecot 2.0.10
Dovecot Dovecot 2.0.2
Dovecot Dovecot 2.0.3
Dovecot Dovecot 2.0.9
Dovecot Dovecot 2.0.4
Dovecot Dovecot 2.0.5
Dovecot Dovecot 2.0.6
Dovecot Dovecot 2.0.11
Dovecot Dovecot 2.0.0
Dovecot Dovecot 2.0.1
Dovecot Dovecot 2.0.7
Dovecot Dovecot 2.0.8
Dovecot Dovecot 2.0.12
4
CVSSv2
CVE-2010-4011
Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a...
Apple Mac Os X Server 10.6.5
3.5
CVSSv2
CVE-2010-3779
Dovecot 1.2.x prior to 1.2.15 and 2.0.x prior to 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by ...
Dovecot Dovecot 1.2.4
Dovecot Dovecot 1.2.5
Dovecot Dovecot 1.2.13
Dovecot Dovecot 1.2.14
Dovecot Dovecot 1.2.2
Dovecot Dovecot 1.2.3
Dovecot Dovecot 1.2.10
Dovecot Dovecot 1.2.11
Dovecot Dovecot 1.2.12
Dovecot Dovecot 1.2.0
Dovecot Dovecot 1.2.1
Dovecot Dovecot 1.2.8
Dovecot Dovecot 1.2.9
Dovecot Dovecot 1.2.6
Dovecot Dovecot 1.2.7
Dovecot Dovecot 2.0
4
CVSSv2
CVE-2010-3780
Dovecot 1.2.x prior to 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
Dovecot Dovecot 1.2.3
Dovecot Dovecot 1.2.4
Dovecot Dovecot 1.2.11
Dovecot Dovecot 1.2.12
Dovecot Dovecot 1.2.1
Dovecot Dovecot 1.2.2
Dovecot Dovecot 1.2.9
Dovecot Dovecot 1.2.10
Dovecot Dovecot 1.2.0
Dovecot Dovecot 1.2.7
Dovecot Dovecot 1.2.8
Dovecot Dovecot 1.2.5
Dovecot Dovecot 1.2.6
Dovecot Dovecot 1.2.13
Dovecot Dovecot 1.2.14
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »