Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dovecot dovecot vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2010-0745
Unspecified vulnerability in Dovecot 1.2.x prior to 1.2.11 allows remote malicious users to cause a denial of service (CPU consumption) via long headers in an e-mail message.
Dovecot Dovecot 1.2.10
Dovecot Dovecot 1.2.0
Dovecot Dovecot 1.2.7
Dovecot Dovecot 1.2.3
Dovecot Dovecot 1.2.4
Dovecot Dovecot 1.2.1
Dovecot Dovecot 1.2.2
Dovecot Dovecot 1.2.8
Dovecot Dovecot 1.2.9
Dovecot Dovecot 1.2.5
Dovecot Dovecot 1.2.6
445
VMScore
CVE-2008-4578
The ACL plugin in Dovecot prior to 1.1.4 allows malicious users to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
Dovecot Dovecot 1.0.rc15
Dovecot Dovecot 1.0.rc14
Dovecot Dovecot 1.0.7
Dovecot Dovecot 1.0.rc22
Dovecot Dovecot 1.0.9
Dovecot Dovecot 1.0.rc25
Dovecot Dovecot 0.99.13
Dovecot Dovecot 1.0.beta2
Dovecot Dovecot 1.0.5
Dovecot Dovecot 1.0.beta6
Dovecot Dovecot 1.0.rc13
Dovecot Dovecot 1.0.rc5
Dovecot Dovecot 1.1.0
Dovecot Dovecot 1.1.1
Dovecot Dovecot 1.0.12
Dovecot Dovecot 1.1
Dovecot Dovecot 1.0.rc20
Dovecot Dovecot 1.0.rc2
Dovecot Dovecot 1.0.8
Dovecot Dovecot 1.0.rc23
Dovecot Dovecot 1.0.rc26
Dovecot Dovecot 1.0.beta1
445
VMScore
CVE-2006-5973
Off-by-one buffer overflow in Dovecot 1.0test53 up to and including 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vec...
Timo Sirainen Dovecot 1.0.alpha5
Timo Sirainen Dovecot 1.0.beta1
Timo Sirainen Dovecot 1.0.beta8
Timo Sirainen Dovecot 1.0.beta9
Timo Sirainen Dovecot 1.0.rc1
Timo Sirainen Dovecot 1.0.rc3
Timo Sirainen Dovecot 1.0.rc4
Timo Sirainen Dovecot 1.0.test54
Timo Sirainen Dovecot 1.0.test55
Timo Sirainen Dovecot 1.0.test63
Timo Sirainen Dovecot 1.0.test64
Timo Sirainen Dovecot 1.0.test71
Timo Sirainen Dovecot 1.0.test72
Timo Sirainen Dovecot 1.0.test79
Timo Sirainen Dovecot 1.0.test80
Timo Sirainen Dovecot 1.0.alpha3
Timo Sirainen Dovecot 1.0.alpha4
Timo Sirainen Dovecot 1.0.beta6
Timo Sirainen Dovecot 1.0.beta7
Timo Sirainen Dovecot 1.0.rc14
Timo Sirainen Dovecot 1.0.rc2
Timo Sirainen Dovecot 1.0.rc9
445
VMScore
CVE-2006-2414
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote malicious users to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
Timo Sirainen Dovecot 1.0 Beta7
Timo Sirainen Dovecot 1.0 Beta2
Timo Sirainen Dovecot 1.0 Beta3
Timo Sirainen Dovecot 1.0
445
VMScore
CVE-2006-0730
Multiple unspecified vulnerabilities in Dovecot prior to 1.0beta3 allow remote malicious users to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2)...
Timo Sirainen Dovecot
436
VMScore
CVE-2020-24386
An issue exists in Dovecot prior to 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages (and path disclosure).
Dovecot Dovecot
Debian Debian Linux 10.0
Fedoraproject Fedora 32
436
VMScore
CVE-2019-3814
It exists that Dovecot prior to 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users.
Dovecot Dovecot
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Opensuse Leap 42.3
435
VMScore
CVE-2008-4907
The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote malicious users to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "...
Dovecot Dovecot 1.1.4
Dovecot Dovecot 1.1.5
1 EDB exploit
409
VMScore
CVE-2009-3897
Dovecot 1.2.x prior to 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the b...
Dovecot Dovecot
392
VMScore
CVE-2009-2632
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 prior to 1.0.4 and 1.1 prior to 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted S...
Cmu Cyrus Imap Server 2.2.13
Cmu Cyrus Imap Server 2.3.14
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »