Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imap vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-1154
Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote malicious users to cause a denial of service (hang) using PHP IMAP clients.
Carnegie Mellon University Cyrus Imap Server 1.6.24
Carnegie Mellon University Cyrus Imap Server 2.0.15
Carnegie Mellon University Cyrus Imap Server 2.0.16
Bsdi Bsd Os 4.2
9.1
CVSSv3
CVE-2017-14230
In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP prior to 3.0.4, an off-by-one error in prefix calculation for the LIST command caused use of uninitialized memory, which might allow remote malicious users to obtain sensitive information or cause a denial of servi...
Cyrus Imap
NA
CVE-2004-0224
Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP prior to 3.0.0, Courier prior to 0.45, and SqWebMail prior to 4.0.0 may allow remote malicious users to execute arbitrary code "when Unicode character is out of BMP range."
Double Precision Incorporated Courier Mta 0.43
Double Precision Incorporated Courier Mta 0.43.1
Double Precision Incorporated Sqwebmail 3.6.2
Double Precision Incorporated Sqwebmail 3.6 .0
Inter7 Courier-imap 2.2.1
Double Precision Incorporated Courier Mta 0.44.2
Double Precision Incorporated Sqwebmail 3.5.2
Inter7 Courier-imap 2.0.0
Inter7 Courier-imap 2.1
Double Precision Incorporated Courier Mta 0.43.2
Double Precision Incorporated Courier Mta 0.44
Inter7 Courier-imap 1.6
Inter7 Courier-imap 1.7
Double Precision Incorporated Sqwebmail 3.5.3
Double Precision Incorporated Sqwebmail 3.6.1
Inter7 Courier-imap 2.1.1
Inter7 Courier-imap 2.1.2
Inter7 Courier-imap 2.2.0
Gentoo Linux 1.4
9.8
CVSSv3
CVE-2023-35169
PHP-IMAP is a wrapper for common IMAP communication without the need to have the php-imap module installed / enabled. Prior to version 5.3.0, an unsanitized attachment filename allows any unauthenticated user to leverage a directory traversal vulnerability, which results in a rem...
Webklex Php-imap
NA
CVE-2005-0198
A logic error in the CRAM-MD5 code for the University of Washington IMAP (UW-IMAP) server, when Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5) is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote mal...
University Of Washington Uw-imap
NA
CVE-2000-0284
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
University Of Washington Imap 12.264
8 EDB exploits
NA
CVE-2005-3189
Directory traversal vulnerability in Qualcomm WorldMail IMAP Server allows remote malicious users to read arbitrary email messages via ".." sequences in the SELECT command.
Qualcomm Worldmail Imap Server 3.0
1 EDB exploit
NA
CVE-2000-1197
POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
University Of Washington Imap 4.5
NA
CVE-2000-0847
Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote malicious users to execute arbitrary commands via a long X-Keywords header.
University Of Washington Imap 4.7b
University Of Washington Imap 4.7c
University Of Washington Pine 4.20
University Of Washington Pine 4.21
NA
CVE-2008-7022
Insecure method vulnerability in ChilkatMail_v7_9.dll in the Chilkat Software IMAP ActiveX control (ChilkatMail2.ChilkatMailMan2.1) allows remote malicious users to execute arbitrary programs via the LoadXmlEmail method.
Chilkatsoft Chilkat Imap Activex Control 7.9
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »