Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-19783 | 3.5 |
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a
|
03-05-2022 - 14:27 | 16-12-2019 - 14:15 | |
CVE-2019-11356 | 7.5 |
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
|
03-05-2022 - 14:27 | 03-06-2019 - 20:29 | |
CVE-2011-3481 | 4.3 |
The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header
|
30-10-2018 - 16:26 | 14-09-2011 - 17:17 | |
CVE-2011-3208 | 7.5 |
Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.
|
30-10-2018 - 16:26 | 14-09-2011 - 17:17 | |
CVE-2011-1926 | 5.1 |
The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is
|
30-10-2018 - 16:26 | 23-05-2011 - 22:55 |