| Report title | Weakness | Reporter | Severity | Date |
|---|---|---|---|---|
| Guard WKS lookup: Evil WKS server forces connections to last forever | Denial of Service | afewgoats | Low | 2021-12-07 |
| access to stack memory beyond array boundaries | Memory Corruption - Generic | ihsinme | Medium | 2021-12-03 |
| Path Traversal in dict-fs and no-check Escape Character in oauth2-jwt | Path Traversal | northsea | Medium | 2021-09-07 |
| Command Injection via STARTTLS in SMTP | Cryptographic Issues - Generic | murgi | Medium | 2021-06-21 |
| A malicious user can upload a malicious script through managesieve and trigger its execution in order to consume almost 100% of CPU (LMTP). | Denial of Service | rumata | Medium | 2021-06-21 |
| SSRF - Unchecked Snippet IDs for distributed files | Server-Side Request Forgery (SSRF) | zhutyra | High | 2021-05-01 |
| SSRF protection bypass in /appsuite/api/oxodocumentfilter addfile action | Server-Side Request Forgery (SSRF) | skr0x1c0 | Medium | 2020-11-27 |
| XSS on opening malicious OpenOffice presentation document | Cross-site Scripting (XSS) - DOM | skr0x1c0 | Medium | 2020-11-27 |
| XSS on opening a malicious OpenOffice text document | Cross-site Scripting (XSS) - DOM | skr0x1c0 | Medium | 2020-11-23 |
| XSS on opening malicious OpenOffice presentation document | Cross-site Scripting (XSS) - DOM | skr0x1c0 | Medium | 2020-11-23 |
| Blind SSRF in /appsuite/api/oxodocumentfilter&action=addfile | Server-Side Request Forgery (SSRF) | skr0x1c0 | Medium | 2020-11-23 |
| A specifically designed sieve script can cause a DoS in lib-sieve during sieve script compilation via NULL pointer dereference | NULL Pointer Dereference | rumata | None | 2020-10-05 |
| Buffer over read from `smtp_command_parse_parameters` | Buffer Over-read | catenacyber | None | 2020-09-21 |
| Failed assert in `mail_index_transaction_lookup` | Business Logic Errors | catenacyber | None | 2020-08-27 |
| Pre-auth Denial-of-Service in Dovecot RPA implementation | Denial of Service | orange | Medium | 2020-08-13 |
| Pre-auth buffer over-read in Dovecot NTLM implementation | Buffer Over-read | orange | Medium | 2020-08-13 |
| Null dereference or redundant null check in `mail_crypt_load_global_private_key` for plugin mail-crypt | NULL Pointer Dereference | catenacyber | Medium | 2020-07-07 |
| Out of memory with combination of `test_config_set` and `test_config_reload` | Denial of Service | catenacyber | Medium | 2020-07-07 |
| Panic in file smtp-address.c: line 684 (smtp_address_write): assertion failed: (smtp_char_is_qpair(*p)) | Denial of Service | catenacyber | None | 2020-06-22 |
| Panic: Input stream data unexpectedly has references | Denial of Service | catenacyber | None | 2020-06-22 |
| null dereference in `sieve_address_do_validate` (or redundant null check) | NULL Pointer Dereference | catenacyber | None | 2020-06-22 |
| Null pointer dereference in call to `mail_get_flags` | NULL Pointer Dereference | catenacyber | None | 2020-06-22 |
| SSRF - Guard - Unchecked HKP servers | Server-Side Request Forgery (SSRF) | zhutyra | Medium | 2020-06-17 |
| SSRF - Guard - Unchecked WKS servers | Server-Side Request Forgery (SSRF) | zhutyra | Medium | 2020-06-17 |
| XSS - Guard - Insufficient escaping of User-IDs from PGP Keys | Cross-site Scripting (XSS) - DOM | zhutyra | Medium | 2020-06-17 |
| Null pointer dereference in SMTP server function smtp_string_parse | NULL Pointer Dereference | catenacyber | High | 2020-05-18 |
| Use after free in smtp_server_connection_handle_command | Use After Free | catenacyber | Medium | 2020-05-18 |
| Multiple buffer over reads in mbox_from_parse | Buffer Over-read | catenacyber | None | 2020-04-03 |
| Buffer overread in parse_angle_addr called from message_address_parse_path | Buffer Over-read | catenacyber | None | 2020-04-02 |
| Buffer over-reads in i_stream_zlib_read | Buffer Over-read | catenacyber | None | 2020-04-01 |
| Null pointer dereference in SMTP server function smtp_command_parse_data_with_size | NULL Pointer Dereference | catenacyber | None | 2020-04-01 |
| SSRF - Office Documents - Image URL | Server-Side Request Forgery (SSRF) | zhutyra | No rating | 2020-03-25 |
| SSRF - Image Sources in HTML Snippets - 727234 bypass | Server-Side Request Forgery (SSRF) | zhutyra | Medium | 2020-02-20 |
| SSRF - URL Attachments - 725307 bypass | Server-Side Request Forgery (SSRF) | zhutyra | Medium | 2020-02-20 |
| Unchecked URL in attachment datasource | Server-Side Request Forgery (SSRF) | zhutyra | Medium | 2020-02-20 |
| Arbitrary local system file read on open-xchange server | Resource Injection | pnig0s | Critical | 2020-01-24 |
| [XSS] Style/Event Filter Bypass v3.0 | Cross-site Scripting (XSS) - Stored | secator | High | 2020-01-24 |
| CSRF combined with IDOR within Document Converter exposes files | Cross-Site Request Forgery (CSRF) | logan5 | Medium | 2020-01-24 |
| Memory corruption in imap-parser.c | Memory Corruption - Generic | nick_roessler | High | 2019-10-24 |
| Another window.opener issue | Open Redirect | zee_shan | Medium | 2019-08-15 |
| SSRF in VCARD photo upload functionality | Server-Side Request Forgery (SSRF) | logan5 | Medium | 2019-07-05 |
| Blind XXE via Powerpoint files | XML External Entities (XXE) | mishre | Critical | 2018-07-23 |
| OX Guard: DOM Based Cross-Site Scripting (#2) | Cross-site Scripting (XSS) - Generic | dejavuln | No rating | 2017-12-19 |
| OX Guard: DOM Based Cross-Site Scripting | Cross-site Scripting (XSS) - Generic | dejavuln | No rating | 2017-12-19 |
| IDOR - Downloading all attachments if having access to a shared link | Information Disclosure | inhibitor181 | High | 2017-09-28 |
| IDOR - Deleting other user's reminders just by id | Violation of Secure Design Principles | inhibitor181 | No rating | 2017-09-28 |
| IDOR - Leaking other user's folder names from /appsuite/api/import?action=ICA | Information Disclosure | inhibitor181 | No rating | 2017-09-28 |
| IDOR - Deleting other user's signature via /appsuite/api/snippet?action=update (although an error is thrown) | Information Disclosure | inhibitor181 | No rating | 2017-09-28 |
| IDOR - Accessing other user's attachments via PUT /appsuite/api/files?action=saveAs | Information Disclosure | inhibitor181 | High | 2017-09-28 |
| RTLO character in file names | UI Redressing (Clickjacking) | inhibitor181 | No rating | 2017-09-28 |
| Incomplete HTML sanitization + Session id leaking + private information disclosure | Information Disclosure | inhibitor181 | No rating | 2017-09-27 |
| IDOR - Folder names disclosure inside a domain, regardless of user | Information Disclosure | inhibitor181 | Low | 2017-09-27 |
| Resend invitation to members by Read only user (Privilege Escalation) | Privilege Escalation | vijay_kumar1110 | Medium | 2017-08-17 |
| Unauthorized access to attachments details of Private Calendar appointments (Access control issue) | Improper Access Control - Generic | vijay_kumar1110 | High | 2017-08-17 |
| Critical: View/Edit access to private appointments of calendar folder by read only user (Vertical privilege escalation) | Privilege Escalation | vijay_kumar1110 | Critical | 2017-08-17 |
| Set Cookie Via SVG | Violation of Secure Design Principles | proabiral | Medium | 2017-07-03 |
| Reflected Cross-Site Scripting due to vulnerable Flash component (Flashmediaelement.swf) | Cross-site Scripting (XSS) - Generic | lukasreschke | Medium | 2017-01-27 |
| Tab nabbing via window.opener | Open Redirect | haquaman | No rating | 2016-12-28 |
| Selecting encryption for email with drive attachment overrides the drive email password | Information Disclosure | haquaman | No rating | 2016-12-28 |
| Stored XSS in Template Documents | Cross-site Scripting (XSS) - Generic | haquaman | No rating | 2016-12-28 |
| OX (Guard): Stored Cross-Site Scripting via Email Attachment | Cross-site Scripting (XSS) - Generic | dejavuln | No rating | 2016-11-22 |
| OX (Guard): Stored Cross-Site Scripting via Incoming Email | Cross-site Scripting (XSS) - Generic | dejavuln | No rating | 2016-10-27 |