Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (49 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1285 1 Ipswitch 1 Imail 2025-04-03 N/A
Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter.
CVE-2002-1076 1 Ipswitch 1 Imail 2025-04-03 N/A
Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.
CVE-1999-1557 1 Ipswitch 1 Imail 2025-04-03 N/A
Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
CVE-2005-2160 1 Ipswitch 1 Imail 2025-04-03 7.5 High
IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information.
CVE-2000-0019 1 Ipswitch 1 Imail 2025-04-03 N/A
IMail POP3 daemon uses weak encryption, which allows local users to read files.
CVE-1999-1170 2 Ipswitch, Progress 2 Imail, Ws Ftp Server 2025-04-03 N/A
IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
CVE-1999-1497 1 Ipswitch 1 Imail 2025-04-03 N/A
Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.
CVE-2005-2923 1 Ipswitch 2 Imail Server, Ipswitch Collaboration Suite 2025-04-03 N/A
The IMAP server in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to cause a denial of service (crash) via a long argument to the LIST command, which causes IMail Server to reference invalid memory.
CVE-2005-1252 1 Ipswitch 2 Imail, Imail Server 2025-04-03 N/A
Directory traversal vulnerability in the Web Calendaring server in Ipswitch Imail 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote attackers to read arbitrary files via "..\" (dot dot backslash) sequences in the query string argument in a GET request to a non-existent .jsp file.