Debian Linux Security Advisory 4640-1 - handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed media files are processed.
270dc8a682bea4ac1ace4b7a2aa472c7d4bea5b4613a776864fbdf3740a2ab68
Ubuntu Security Notice 4207-1 - It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
8a1c3fd7155302cb1ec1e31f9144f4a9663fff6db142a158728344092ab7406d
Red Hat Security Advisory 2019-2885-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability.
9fd2c275018a733cb0c3bfff40805dbf55029a0ac78e0633b48964b677b6156c
Red Hat Security Advisory 2019-2836-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability.
a9cc8d9231e99e2caa2a016b2b5c2aefe8c8ab89d85e66e08bddff1d43b5608b
Red Hat Security Advisory 2019-2822-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability.
5d98bb169c0022e723dbcc0170c5cc39144a84d85aedfaccd46b356f884baf14
Gentoo Linux Security Advisory 201908-29 - Multiple vulnerabilities have been found in Dovecot, the worst of which could result in the arbitrary execution of code. Versions less than 2.3.7.2 are affected.
cddba783a17794365464d8147d620763c2579d8620bb0ccfc1692937e1db247c
Ubuntu Security Notice 4110-4 - USN-4110-1 fixed a vulnerability in Dovecot. The update introduced a regression causing a wrong check. This update fixes the problem for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
ba5b903c212775a3900d1f88e72486fb256e8202fa117e10525eaf3cbcd9a736
Ubuntu Security Notice 4110-3 - USN-4110-1 fixed a vulnerability in Dovecot. The update introduced a regression causing a wrong check. This update fixes the problem. Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
ea497bd34cac8fb3ea8df64d24c03b963f18392532a993273d189149c06c84cc
Ubuntu Security Notice 4110-2 - USN-4110-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
304d734f8346c73e85ea728a6b76429713959e68248569d54ebbdad82c84f68c
Debian Linux Security Advisory 4510-1 - Nick Roessler and Rafi Rubin discovered that the IMAP and ManageSieve protocol parsers in the Dovecot email server do not properly validate input (both pre- and post-login). A remote attacker can take advantage of this flaw to trigger out of bounds heap memory writes, leading to information leaks or potentially the execution of arbitrary code.
c04546fd005105ce0ea049041181543abc29468ef19bad67410168c397658f7d
Ubuntu Security Notice 4110-1 - Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
266fb9a4d88612b859b072db5fec419fd51c1b8f1685d5cfba9cc0a100abcb6b
Microsoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in WriteTableFromStructure.
b204042a95fcd480c897cdcace659b0082a8aacc0c60176198f2f1268aeb6155
Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadTableIntoStructure.
544427667509a091f6d7efe745438ad65a9a17d6c0bfcf266fd3e755022d8081
Zotonic versions 0.46 and below suffer from a mod_admin (Erlang) cross site scripting vulnerability.
3fd307fee2b7a14a1961db8990a6a429e994d9d50e814d0e16289262ea438c1b