Known Vulnerabilities for products from Cyrus
Listed below are 17 of the newest known vulnerabilities associated with the vendor "Cyrus".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-33582 json | Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute daemon hang) via input that is ... | 7.5 - HIGH | 2021-09-01 | 2023-11-07 |
| CVE-2021-32056 json | Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to bypass intended access restri... | 4.3 - MEDIUM | 2021-05-10 | 2023-11-07 |
| CVE-2019-19783 json | An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading ... | 6.5 - MEDIUM | 2019-12-16 | 2023-11-07 |
| CVE-2019-18928 json | Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted i... | 9.8 - CRITICAL | 2019-11-15 | 2023-11-07 |
| CVE-2019-11356 json | The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arb... | 9.8 - CRITICAL | 2019-06-03 | 2023-11-07 |
| CVE-2017-14230 json | In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP before 3.0.4, an off-by-one error in prefix calculation for... | 9.1 - CRITICAL | 2017-09-10 | 2017-09-21 |
| CVE-2015-8078 json | Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attacke... | 7.5 - HIGH | 2015-12-03 | 2023-11-07 |
| CVE-2015-8077 json | Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attacke... | 7.5 - HIGH | 2015-12-03 | 2023-11-07 |
| CVE-2015-8076 json | The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x before 2.5.4 allows remo... | 7.5 - HIGH | 2015-12-03 | 2018-10-30 |
| CVE-2011-3372 json | imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication ... | 7.5 - HIGH | 2011-12-24 | 2011-12-26 |
| CVE-2006-2502 json | Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows rem... | 5.1 - MEDIUM | 2006-05-22 | 2017-07-20 |
| CVE-2006-1721 json | digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions befo... | Not Provided | 2006-04-11 | 2025-04-03 |
| CVE-2005-0546 json | Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one er... | Not Provided | 2005-05-02 | 2025-04-03 |
| CVE-2005-0373 json | Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin fo... | Not Provided | 2004-10-07 | 2025-04-03 |
| CVE-2004-0884 json | The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find ... | Not Provided | 2005-01-27 | 2025-04-03 |
| CVE-2002-2253 json | Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to execute arbitrary code via (1... | Not Provided | 2002-12-31 | 2025-04-03 |
| CVE-2002-2043 json | SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attacke... | Not Provided | 2002-12-31 | 2025-04-03 |
Known software with vulnerabilities from Cyrus
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Cyrus | Imap | 2.3.0 |