Carnegie Mellon University Cyrus Imap Server — known CVE vulnerabilities
Every CVE whose affected-product data names Carnegie Mellon University Cyrus Imap Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2004-1012 — CVSS 10.0 (critical): The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary…
CVE-2004-1015 — CVSS 10.0 (critical): Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to…
CVE-2004-1067 — CVSS 10.0 (critical): Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow…
CVE-2004-1011 — CVSS 10.0 (critical): Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to…
CVE-2004-1013 — CVSS 10.0 (critical): The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary…
CVE-2002-1580 — CVSS 7.5 (high): Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length…
CVE-2001-1154 — CVSS 5.0 (medium): Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP…