Vulnerabilities (CVE)

Filtered by vendor Cyrusimap Subscribe
Filtered by product Cyrus Imap
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-12843 2 Cyrusimap, Fedoraproject 2 Cyrus Imap, Fedora 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
Cyrus IMAP before 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted (1) SYNCAPPLY, (2) SYNCGET or (3) SYNCRESTORE command.
CVE-2024-34055 1 Cyrusimap 1 Cyrus Imap 2024-06-14 N/A 6.5 MEDIUM
Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command.