Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dovecot dovecot 2.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-2111
The IMAP functionality in Dovecot prior to 2.2.2 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via invalid APPEND parameters.
Dovecot Dovecot 2.2
Dovecot Dovecot 2.2.0
Dovecot Dovecot
8.8
CVSSv3
CVE-2022-30550
An issue exists in the auth component in Dovecot 2.2 and 2.3 prior to 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied setti...
Dovecot Dovecot
Dovecot Dovecot 2.2
Debian Debian Linux 10.0
NA
CVE-2013-6171
checkpassword-reply in Dovecot prior to 2.2.7 performs setuid operations to a user who is authenticating, which allows local users to bypass authentication and access virtual email accounts by attaching to the process and using a restricted file descriptor to modify account infor...
Dovecot Dovecot 2.0.12
Dovecot Dovecot 2.0.13
Dovecot Dovecot 2.0.6
Dovecot Dovecot 2.0.7
Dovecot Dovecot 2.1
Dovecot Dovecot 2.1.0
Dovecot Dovecot 2.1.15
Dovecot Dovecot 2.1.2
Dovecot Dovecot 2.2.5
Dovecot Dovecot 2.2.4
Dovecot Dovecot 2.2
Dovecot Dovecot 2.0
Dovecot Dovecot 2.0.14
Dovecot Dovecot 2.0.15
Dovecot Dovecot 2.0.8
Dovecot Dovecot 2.0.9
Dovecot Dovecot 2.1.1
Dovecot Dovecot 2.1.10
Dovecot Dovecot 2.1.3
Dovecot Dovecot 2.1.4
Dovecot Dovecot 2.2.3
Dovecot Dovecot 2.2.2
7.5
CVSSv3
CVE-2019-10691
The JSON encoder in Dovecot prior to 2.3.5.2 allows malicious users to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username.
Dovecot Dovecot
Opensuse Leap 15.0
NA
CVE-2009-2632
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 prior to 1.0.4 and 1.1 prior to 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted S...
Cmu Cyrus Imap Server 2.2.13
Cmu Cyrus Imap Server 2.3.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started