Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mutt vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3766
mutt_ssl.c in mutt 1.5.16 and other versions prior to 1.5.19, when OpenSSL is used, does not verify the domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary valid cer...
Mutt Mutt
NA
CVE-1999-0941
Mutt mail client allows a remote malicious user to execute commands via shell metacharacters.
Mutt Mutt 0.95.6
NA
CVE-2005-2642
Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote malicious users to execute arbitrary code, possibly due to interactions with libiconv or gettext.
Mutt Mutt 1.5.10
NA
CVE-2009-1390
Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) GnuTLS (mutt_ssl_gnutls.c), allows connections when only one TLS certificate in the chain is accepted instead of verifying the entire chain, which allows remote malicious users to spoof trusted servers via a man-in-...
Mutt Mutt 1.5.19
NA
CVE-2007-2683
Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion.
Mutt Mutt 1.4.2
1 EDB exploit
NA
CVE-1999-0940
Buffer overflow in mutt mail client allows remote malicious users to execute commands via malformed MIME messages.
Mutt Mutt Mail Client
9.1
CVSSv3
CVE-2021-32055
Mutt 1.11.0 up to and including 2.0.x prior to 2.0.7 (and NeoMutt 2019-10-25 through 2021-05-04) has a $imap_qresync issue in which imap/util.c has an out-of-bounds read in situations where an IMAP sequence set ends with a comma. NOTE: the $imap_qresync setting for QRESYNC is not...
Mutt Mutt
Neomutt Neomutt
NA
CVE-2003-0299
The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or integer overflow errors.
Mutt Mutt 1.4.1
Stuart Parmenter Balsa 2.0.10
5.3
CVSSv3
CVE-2020-28896
Mutt prior to 2.0.2 and NeoMutt prior to 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. This could result in ...
Mutt Mutt
Neomutt Neomutt
Debian Debian Linux 9.0
5.3
CVSSv3
CVE-2022-1328
Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 prior to 2.2.3 allows read past end of input line
Mutt Mutt
Debian Debian Linux 9.0
Fedoraproject Fedora 36
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »