| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-14154 | 5.8 |
Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.
|
01-03-2023 - 16:01 | 15-06-2020 - 17:15 | |
| CVE-2020-14954 | 4.3 |
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates i
|
27-02-2023 - 18:09 | 21-06-2020 - 17:15 | |
| CVE-2020-14093 | 4.3 |
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.
|
27-04-2022 - 14:16 | 15-06-2020 - 05:15 | |
| CVE-2018-14354 | 7.5 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscripti
|
24-08-2020 - 17:37 | 17-07-2018 - 17:29 | |
| CVE-2018-14357 | 7.5 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription.
|
24-08-2020 - 17:37 | 17-07-2018 - 17:29 | |
| CVE-2018-14349 | 7.5 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message.
|
20-05-2020 - 01:47 | 17-07-2018 - 17:29 | |
| CVE-2018-14350 | 7.5 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.
|
20-05-2020 - 01:39 | 17-07-2018 - 17:29 | |
| CVE-2018-14351 | 7.5 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size.
|
20-05-2020 - 01:33 | 17-07-2018 - 17:29 | |
| CVE-2018-14352 | 7.5 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow.
|
20-05-2020 - 01:25 | 17-07-2018 - 17:29 | |
| CVE-2018-14353 | 7.5 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c has an integer underflow.
|
20-05-2020 - 01:23 | 17-07-2018 - 17:29 | |
| CVE-2018-14355 | 5.0 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name.
|
20-05-2020 - 01:19 | 17-07-2018 - 17:29 | |
| CVE-2018-14356 | 7.5 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.
|
20-05-2020 - 01:07 | 17-07-2018 - 17:29 | |
| CVE-2018-14358 | 7.5 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.
|
20-05-2020 - 00:48 | 17-07-2018 - 17:29 | |
| CVE-2018-14362 | 7.5 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.
|
19-05-2020 - 17:19 | 17-07-2018 - 17:29 | |
| CVE-2018-14359 | 7.5 |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.
|
19-05-2020 - 17:13 | 17-07-2018 - 17:29 |