Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imap vulnerabilities and exploits
(subscribe to this query)
7.4
CVSSv3
CVE-2021-26911
core/imap/MCIMAPSession.cpp in Canary Mail prior to 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode.
Canarymail Canary Mail 3.20
Canarymail Canary Mail 3.21
Libmailcore Mailcore2 0.6.4
NA
CVE-2001-0584
IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to cause a denial of service (hang) via long (1) SELECT or (2) EXAMINE commands.
Alt-n Mdaemon 3.5.6
1 EDB exploit
NA
CVE-2006-3242
Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and previous versions allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server.
Mutt Mutt 1.4.2.1
Mutt Mutt 1.4.2
NA
CVE-2004-2513
Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote malicious users to execute arbitrary code via a long SELECT command.
Pmail Pegasus 4.01
5 EDB exploits
NA
CVE-2008-1218
Argument injection vulnerability in Dovecot 1.0.x prior to 1.0.13, and 1.1.x prior to 1.1.rc3, when using blocking passdbs, allows remote malicious users to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable th...
Dovecot Dovecot
1 EDB exploit
NA
CVE-2008-2859
Unspecified vulnerability in the IMAP service in NetWin SurgeMail prior to 3.9g2 allows remote malicious users to cause a denial of service (daemon crash) via unknown vectors related to an "imap command."
Netwin Surgemail 3.8f
Netwin Surgemail 3.8f2
Netwin Surgemail 3.8k3
Netwin Surgemail 3.8k4
Netwin Surgemail 3.9c
Netwin Surgemail 3.9e
Netwin Surgemail 3.8a
Netwin Surgemail 3.8i2
Netwin Surgemail 3.8i3
Netwin Surgemail 3.8q
Netwin Surgemail 3.8s
Netwin Surgemail 3.8f3
Netwin Surgemail 3.8i
Netwin Surgemail 3.8m
Netwin Surgemail 3.8o
Netwin Surgemail
Netwin Surgemail 3.8b
Netwin Surgemail 3.8d
Netwin Surgemail 3.8k
Netwin Surgemail 3.8k2
Netwin Surgemail 3.8u
Netwin Surgemail 3.9a
1 EDB exploit
NA
CVE-2003-1177
Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server.
Atrium Software Mercur Mailserver 4.1 Sp1
Atrium Software Mercur Mailserver 4.2
Atrium Software Mercur Mailserver 4.2 Sp1
Atrium Software Mercur Mailserver 4.2 Sp2
Atrium Software Mercur Mailserver 3.3
Atrium Software Mercur Mailserver 3.3 Sp1
Atrium Software Mercur Mailserver 3.3 Sp2
Atrium Software Mercur Mailserver 4.1
1 EDB exploit
NA
CVE-2008-7182
Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions prior to 3.9g2, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector...
Netwin Surgemail 3.9e
1 EDB exploit
5.9
CVSSv3
CVE-2021-38542
Apache James prior to release 3.6.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. This can result in Man-in -the-middle command injection attacks, leading potentially to leakage of sensible information.
Apache James
NA
CVE-2013-0289
Isync 0.4 prior to 1.0.6, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary valid certificate...
Isync Project Isync 1.0.2
Isync Project Isync 1.0.1
Isync Project Isync 1.0.0
Isync Project Isync 0.8
Isync Project Isync 1.0.5
Isync Project Isync 1.0.4
Isync Project Isync 1.0.3
Isync Project Isync 0.5
Isync Project Isync 0.4
Isync Project Isync 0.7
Isync Project Isync 0.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »