Max CVSS 7.2 Min CVSS 4.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-12674 5.0
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.
03-02-2023 - 02:23 12-08-2020 - 16:15
CVE-2020-12673 5.0
In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.
03-02-2023 - 02:22 12-08-2020 - 16:15
CVE-2020-12100 5.0
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts.
29-10-2022 - 02:39 12-08-2020 - 16:15
CVE-2020-12674 5.0
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.
25-09-2020 - 19:15 12-08-2020 - 16:15
CVE-2020-12673 5.0
In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.
25-09-2020 - 19:15 12-08-2020 - 16:15
CVE-2020-12100 5.0
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts.
25-09-2020 - 19:15 12-08-2020 - 16:15
CVE-2019-3814 4.9
It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users.
14-06-2019 - 03:29 27-03-2019 - 13:29
CVE-2019-7524 7.2
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components.
14-06-2019 - 03:29 28-03-2019 - 14:29
Back to Top Mark selected
Back to Top