Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imap vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1498
Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and previous versions allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command.
Netwin Surgemail
1 EDB exploit
NA
CVE-2010-4711
Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise prior to 8.02HP allows remote malicious users to execute arbitrary code via a large parameter in a LIST command.
Novell Groupwise 5.57e
Novell Groupwise 6.0
Novell Groupwise 6.0.1
Novell Groupwise 6.5
Novell Groupwise 7.0
Novell Groupwise 7.0.2
Novell Groupwise 7.0.3
Novell Groupwise 4.1a
Novell Groupwise 5.1
Novell Groupwise 5.5
Novell Groupwise 6.5.2
Novell Groupwise 7.0.4
Novell Groupwise 8.0
Novell Groupwise
Novell Groupwise 5.2
Novell Groupwise 4.1
Novell Groupwise 6.5.4
Novell Groupwise 6.5.6
Novell Groupwise 6.5.7
Novell Groupwise 5.0
Novell Groupwise 6.5.3
Novell Groupwise 7.0.1
1 EDB exploit
NA
CVE-2006-0925
Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon 8.1.1 and possibly 8.1.4 allows remote malicious users to cause a denial of service (CPU consumption) by creating and then listing folders whose names contain format string specifiers.
Alt-n Mdaemon 8.1.4
Alt-n Mdaemon 8.1.1
1 EDB exploit
7.5
CVSSv3
CVE-2021-40110
In Apache James, using Jazzer fuzzer, we identified that an IMAP user can craft IMAP LIST commands to orchestrate a Denial Of Service using a vulnerable Regular expression. This affected Apache James before 3.6.1 We recommend upgrading to Apache James 3.6.1 or higher , which enfo...
Apache James
NA
CVE-2010-4717
Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise prior to 8.02HP allow remote malicious users to execute arbitrary code via a long (1) LIST or (2) LSUB command.
Novell Groupwise 6.5
Novell Groupwise 6.5.2
Novell Groupwise 6.5.3
Novell Groupwise 6.5.4
Novell Groupwise 7.0.1
Novell Groupwise 8.0
Novell Groupwise 8.0.1
Novell Groupwise
Novell Groupwise 5.2
Novell Groupwise 4.1a
Novell Groupwise 5.57e
Novell Groupwise 6.0.1
Novell Groupwise 6.0
Novell Groupwise 6.5.6
Novell Groupwise 7.0.2
Novell Groupwise 7.0.4
Novell Groupwise 5.0
Novell Groupwise 5.1
Novell Groupwise 5.5
Novell Groupwise 4.1
Novell Groupwise 6.5.7
Novell Groupwise 7.0
1 EDB exploit
NA
CVE-2006-6762
The IMAP daemon (IMAPD) in Novell NetMail prior to 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument.
Novell Netmail 3.5.2
NA
CVE-2005-3813
IMAP service (meimaps.exe) of MailEnable Professional 1.7 and Enterprise 1.1 allows remote authenticated malicious users to cause a denial of service (application crash) by using RENAME with a non-existent mailbox, a different vulnerability than CVE-2005-3690.
Mailenable Mailenable Enterprise 1.1
Mailenable Mailenable Professional 1.7
1 EDB exploit
NA
CVE-2007-1579
Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote malicious users to have an unknown impact via a certain SUBSCRIBE command.
Atrium Software Mercur Messaging 2005 Sp4
Atrium Software Mercur Imapd
Atrium Software Mercur Messaging 2005 5.0 Sp3
1 EDB exploit
6.8
CVSSv3
CVE-2020-24386
An issue exists in Dovecot prior to 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages (and path disclosure).
Dovecot Dovecot
Debian Debian Linux 10.0
Fedoraproject Fedora 32
NA
CVE-2006-3242
Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and previous versions allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server.
Mutt Mutt 1.4.2.1
Mutt Mutt 1.4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »