Max CVSS | 5.0 | Min CVSS | 4.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-12674 | 5.0 |
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.
|
03-02-2023 - 02:23 | 12-08-2020 - 16:15 | |
CVE-2020-12673 | 5.0 |
In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.
|
03-02-2023 - 02:22 | 12-08-2020 - 16:15 | |
CVE-2020-12100 | 5.0 |
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts.
|
29-10-2022 - 02:39 | 12-08-2020 - 16:15 | |
CVE-2020-12674 | 5.0 |
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.
|
25-09-2020 - 19:15 | 12-08-2020 - 16:15 | |
CVE-2020-12673 | 5.0 |
In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.
|
25-09-2020 - 19:15 | 12-08-2020 - 16:15 | |
CVE-2020-12100 | 5.0 |
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts.
|
25-09-2020 - 19:15 | 12-08-2020 - 16:15 | |
CVE-2019-3814 | 4.9 |
It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users.
|
14-06-2019 - 03:29 | 27-03-2019 - 13:29 |