Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postfix vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2937
Postfix 2.5 prior to 2.5.4 and 2.6 prior to 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.
Postfix Postfix 2.5.2
Postfix Postfix 2.5.3
Postfix Postfix 2.6.0
Postfix Postfix 2.5.0
Postfix Postfix 2.5.1
NA
CVE-2007-3791
Buffer overflow in the w_read function in sockets.c in Cami Sardinha and Nigel Kukard policyd prior to 1.81 for Postfix allows remote malicious users to cause a denial of service and possibly execute arbitrary code via long SMTP commands. NOTE: some of these details are obtained ...
Policyd Policyd 1.71
Policyd Policyd 1.72
Policyd Policyd 1.73
Policyd Policyd 1.80
Policyd Policyd 1.74
Policyd Policyd 1.75
Policyd Policyd 1.70
Policyd Policyd 1.78
Policyd Policyd 1.79
Policyd Policyd 1.76
Policyd Policyd 1.77
NA
CVE-2006-2753
SQL injection vulnerability in MySQL 4.1.x prior to 4.1.20 and 5.0.x prior to 5.0.22 allows context-dependent malicious users to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the m...
Mysql Mysql 4.1.14
Mysql Mysql 4.1.15
Oracle Mysql 4.1.4
Oracle Mysql 4.1.5
Mysql Mysql 5.0.10
Oracle Mysql 5.0.11
Oracle Mysql 5.0.12
Oracle Mysql 5.0.19
Mysql Mysql 5.0.2
Oracle Mysql 5.0.6
Oracle Mysql 5.0.7
Mysql Mysql 4.1.12
Mysql Mysql 4.1.13
Mysql Mysql 4.1.2
Mysql Mysql 4.1.3
Mysql Mysql 5.0.0
Mysql Mysql 5.0.1
Mysql Mysql 4.1.0
Oracle Mysql 4.1.1
Oracle Mysql 4.1.16
Oracle Mysql 4.1.17
Oracle Mysql 4.1.6
NA
CVE-2006-2313
PostgreSQL 8.1.x prior to 8.1.4, 8.0.x prior to 8.0.8, 7.4.x prior to 7.4.13, 7.3.x prior to 7.3.15, and previous versions versions allows context-dependent malicious users to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, a...
Postgresql Postgresql 7.3
Postgresql Postgresql 7.3.2
Postgresql Postgresql 7.3.3
Postgresql Postgresql 7.4.1
Postgresql Postgresql 7.4.10
Postgresql Postgresql 7.4.6
Postgresql Postgresql 7.4.7
Postgresql Postgresql 8.0.4
Postgresql Postgresql 8.0.5
Postgresql Postgresql 7.3.13
Postgresql Postgresql 7.3.14
Postgresql Postgresql 7.3.8
Postgresql Postgresql 7.3.9
Postgresql Postgresql 7.4
Postgresql Postgresql 7.4.4
Postgresql Postgresql 7.4.5
Postgresql Postgresql 8.0.2
Postgresql Postgresql 8.0.3
Postgresql Postgresql 8.1.3
Postgresql Postgresql 7.3.1
Postgresql Postgresql 7.3.10
Postgresql Postgresql 7.3.4
NA
CVE-2006-2314
PostgreSQL 8.1.x prior to 8.1.4, 8.0.x prior to 8.0.8, 7.4.x prior to 7.4.13, 7.3.x prior to 7.3.15, and previous versions versions allows context-dependent malicious users to bypass SQL injection protection methods in applications that use multibyte encodings that allow the &quo...
Postgresql Postgresql 7.3
Postgresql Postgresql 7.3.1
Postgresql Postgresql 7.3.3
Postgresql Postgresql 7.3.4
Postgresql Postgresql 7.4.1
Postgresql Postgresql 7.4.10
Postgresql Postgresql 7.4.7
Postgresql Postgresql 7.4.8
Postgresql Postgresql 8.0.5
Postgresql Postgresql 8.0.6
Postgresql Postgresql 7.3.14
Postgresql Postgresql 7.3.2
Postgresql Postgresql 7.3.10
Postgresql Postgresql 7.3.9
Postgresql Postgresql 7.4
Postgresql Postgresql 7.4.5
Postgresql Postgresql 7.4.6
Postgresql Postgresql 8.0.3
Postgresql Postgresql 8.0.4
Postgresql Postgresql 8.1.3
Postgresql Postgresql 7.3.11
Postgresql Postgresql 7.3.5
NA
CVE-2006-1721
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions prior to 2.1.21, allows remote unauthenticated malicious users to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation...
Cyrus Sasl 2.1.18 R1
Cyrus Sasl 2.1.18 R2
Cyrus Sasl 2.1.19
Cyrus Sasl 2.1.20
Cyrus Sasl 2.1.18
NA
CVE-2005-1100
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote malicious users to execute arbitrary code via format string specifiers in data that is passed directly to syslog.
Salim Gasmi Gld 1.3
Salim Gasmi Gld 1.4
1 EDB exploit
NA
CVE-2005-1127
Format string vulnerability in the log function in Net::Server 0.87 and previous versions, as used in Postfix Greylisting Policy Server (Postgrey) 1.18 and previous versions, and possibly other products, allows remote malicious users to cause a denial of service (crash) via forma...
Postgrey Postgrey 1.18
Postgrey Postgrey
Postgrey Postgrey 1.17
NA
CVE-2005-0337
Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote malicious users to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.
Wietse Venema Postfix 2.1.3
Redhat Enterprise Linux 4.0
Suse Suse Linux 9.0
Suse Suse Linux 9.1
Suse Suse Linux 8.2
Suse Suse Linux 8.0
Suse Suse Linux 8.1
Redhat Enterprise Linux Desktop 4.0
Suse Suse Linux 9.2
NA
CVE-2005-1099
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote malicious users to execute arbitrary code.
Salim Gasmi Gld 1.3.1
Salim Gasmi Gld 1.4
Salim Gasmi Gld 1.0
Salim Gasmi Gld 1.1
Salim Gasmi Gld 1.2
Salim Gasmi Gld 1.3
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »