Max CVSS 7.2 Min CVSS 4.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-11499 5.0
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message.
01-03-2023 - 15:20 08-05-2019 - 17:29
CVE-2019-11494 5.0
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login service crashes when the client disconnects prematurely during the AUTH command.
01-03-2023 - 15:15 08-05-2019 - 18:29
CVE-2019-10691 5.0
The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username.
24-08-2020 - 17:37 24-04-2019 - 17:29
CVE-2019-3814 4.9
It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users.
14-06-2019 - 03:29 27-03-2019 - 13:29
CVE-2019-7524 7.2
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components.
14-06-2019 - 03:29 28-03-2019 - 14:29
Back to Top Mark selected
Back to Top