Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cyrus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-2253
Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and previous versions allow remote malicious users to execute arbitrary code via (1) a long header name, (2) a long IMAP flag, or (3) a script that generates a large number of errors that overflow the resulting error strin...
Cyrus Libsieve
9.1
CVSSv3
CVE-2017-14230
In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP prior to 3.0.4, an off-by-one error in prefix calculation for the LIST command caused use of uninitialized memory, which might allow remote malicious users to obtain sensitive information or cause a denial of servi...
Cyrus Imap
NA
CVE-2011-3372
imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x prior to 2.4.12 allows remote malicious users to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
Cyrus Imapd
7
CVSSv3
CVE-2020-8032
A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local malicious users to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior versions.
Opensuse Cyrus-sasl
NA
CVE-2006-2502
Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote malicious users to execute arbitrary code via a long USER command.
Cyrus Imapd 2.3.2
3 EDB exploits
6.5
CVSSv3
CVE-2017-12843
Cyrus IMAP prior to 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted (1) SYNCAPPLY, (2) SYNCGET or (3) SYNCRESTORE command.
Cyrusimap Cyrus Imap
Fedoraproject Fedora 26
NA
CVE-2000-0956
cyrus-sasl prior to 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.
Carnegie Mellon University Cyrus-sasl 1.5.24
4.3
CVSSv3
CVE-2021-32056
Cyrus IMAP prior to 3.2.7, and 3.3.x and 3.4.x prior to 3.4.1, allows remote authenticated users to bypass intended access restrictions on server annotations and consequently cause replication to stall.
Cyrus Imap
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.5
CVSSv3
CVE-2021-33582
Cyrus IMAP prior to 3.4.2 allows remote malicious users to cause a denial of service (multiple-minute daemon hang) via input that is mishandled during hash-table interaction. Because there are many insertions into a single bucket, strcmp becomes slow. This is fixed in 3.4.2, 3.2....
Cyrus Imap
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2019-18928
Cyrus IMAP 2.5.x prior to 2.5.14 and 3.x prior to 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
Cyrus Imap
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »