carnegie mellon university

CommunicationsUSoss-project

Cumulative CVEs

Monthly snapshots

#15

Peak rank

Trend history

Full timeline

Top products

cyrus-sasl1

Latest CVEs

See all →

The 10 most recently published vulnerabilities affecting carnegie mellon university.

CVE-2009-0688Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are us...7.5May 15, 2009
CVE-2006-0250Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162.6.4Jan 18, 2006
CVE-2004-1067Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.10.0Dec 10, 2004
CVE-2004-1015Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-20...10.0Dec 1, 2004
CVE-2004-1013The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[...10.0Dec 1, 2004
CVE-2004-1012The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a d...10.0Dec 1, 2004
CVE-2004-1011Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN comm...10.0Dec 1, 2004
CVE-2002-1580Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a differen...7.5May 20, 2004
CVE-2001-1154Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients.5.0Mar 15, 2002
CVE-2000-0956cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.4.6Jan 22, 2001