Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cyrus imap server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2001-1154
Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote malicious users to cause a denial of service (hang) using PHP IMAP clients.
Carnegie Mellon University Cyrus Imap Server 1.6.24
Carnegie Mellon University Cyrus Imap Server 2.0.15
Carnegie Mellon University Cyrus Imap Server 2.0.16
Bsdi Bsd Os 4.2
4
CVSSv2
CVE-2021-32056
Cyrus IMAP prior to 3.2.7, and 3.3.x and 3.4.x prior to 3.4.1, allows remote authenticated users to bypass intended access restrictions on server annotations and consequently cause replication to stall.
Cyrus Imap
Fedoraproject Fedora 34
Fedoraproject Fedora 35
3.5
CVSSv2
CVE-2019-19783
An issue exists in Cyrus IMAP prior to 2.5.15, 3.0.x prior to 3.0.13, and 3.1.x up to and including 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a sieve script containin...
Cyrus Imap
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
7.5
CVSSv2
CVE-2005-0546
Multiple buffer overflows in Cyrus IMAPd prior to 2.2.11 may allow malicious users to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews,...
Cyrus Imapd 2.0.17
Cyrus Imapd 2.1.16
Cyrus Imapd 2.1.17
Cyrus Imapd 2.1.18
Cyrus Imapd 2.2.10
7.5
CVSSv2
CVE-2011-3372
imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x prior to 2.4.12 allows remote malicious users to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
Cyrus Imapd
7.5
CVSSv2
CVE-2019-11356
The CalDAV feature in httpd in Cyrus IMAP 2.5.x up to and including 2.5.12 and 3.0.x up to and including 3.0.9 allows remote malicious users to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
Cyrus Imap
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
4.6
CVSSv2
CVE-2004-1089
Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users.
Apple Darwin Streaming Server 5.0.1
Apple Quicktime Streaming Server 4.1.1
Apple Darwin Streaming Server 4.1.3
Apple Mac Os X 10.2
Apple Mac Os X 10.2.8
Apple Mac Os X 10.3
Apple Mac Os X Server 10.2
Apple Mac Os X Server 10.2.1
Apple Mac Os X Server 10.2.8
Apple Mac Os X Server 10.3
Apple Mac Os X 10.2.6
Apple Mac Os X 10.2.7
Apple Mac Os X 10.3.5
Apple Mac Os X 10.3.6
Apple Mac Os X Server 10.2.6
Apple Mac Os X Server 10.2.7
Apple Mac Os X Server 10.3.6
Apple Mac Os X 10.2.3
Apple Mac Os X 10.2.4
Apple Mac Os X 10.2.5
Apple Mac Os X 10.3.3
Apple Mac Os X 10.3.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2