| CVE-2018-14363 |
Medium |
Yes |
Directory traversal |
An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames. |
| CVE-2018-14362 |
Medium |
Yes |
Directory traversal |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with... |
| CVE-2018-14361 |
Medium |
Yes |
Denial of service |
An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data. |
| CVE-2018-14360 |
Medium |
Yes |
Arbitrary code execution |
An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage. |
| CVE-2018-14359 |
High |
Yes |
Arbitrary code execution |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data. |
| CVE-2018-14358 |
Medium |
Yes |
Arbitrary code execution |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a... |
| CVE-2018-14357 |
High |
Yes |
Arbitrary command execution |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote... |
| CVE-2018-14356 |
Medium |
Yes |
Insufficient validation |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.F |
| CVE-2018-14355 |
Medium |
Yes |
Directory traversal |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name. |
| CVE-2018-14354 |
Medium |
Yes |
Arbitrary command execution |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote... |
| CVE-2018-14353 |
Medium |
Yes |
Denial of service |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c has an integer underflow. |
| CVE-2018-14352 |
Medium |
Yes |
Denial of service |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters,... |
| CVE-2018-14351 |
Medium |
Yes |
Denial of service |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size. |
| CVE-2018-14350 |
Medium |
Yes |
Denial of service |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a... |
| CVE-2018-14349 |
Medium |
Yes |
Incorrect calculation |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message. |