Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Neo Subscribe
Filtered by product Debun Imap
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-0682 1 Neo 2 Debun Imap, Debun Pop 2019-10-02 7.5 HIGH 9.8 CRITICAL
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) does not properly manage sessions, which allows remote attackers to read/send mail or change the configuration via unspecified vectors.
CVE-2018-0681 1 Neo 2 Debun Imap, Debun Pop 2018-12-17 7.5 HIGH 9.8 CRITICAL
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to login to the Management page and change the configuration.
CVE-2018-0680 1 Neo 2 Debun Imap, Debun Pop 2018-12-17 7.5 HIGH 9.8 CRITICAL
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to read/send mail or change the configuration.
CVE-2018-0684 1 Neo 2 Debun Imap, Debun Pop 2018-12-17 7.5 HIGH 9.8 CRITICAL
Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R3.0 and earlier, Denbun IMAP version V3.3I R3.0 and earlier) allows remote attackers to execute arbitrary code or cause a denial-of-service (DoS) condition via multipart/form-data format data.
CVE-2018-0683 1 Neo 2 Debun Imap, Debun Pop 2018-12-17 7.5 HIGH 9.8 CRITICAL
Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote attackers to execute arbitrary code or cause a denial-of-service (DoS) condition via Cookie data.
CVE-2018-0686 1 Neo 2 Debun Imap, Debun Pop 2018-12-17 6.5 MEDIUM 8.8 HIGH
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote authenticated attackers to upload and execute any executable files via unspecified vectors.
CVE-2018-0687 1 Neo 2 Debun Imap, Debun Pop 2018-12-17 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.