Filtered by vendor Hmailserver
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-52372 | 1 Hmailserver | 1 Hmailserver | 2025-08-08 | N/A | 5.1 MEDIUM |
| An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components. | |||||
| CVE-2025-52374 | 1 Hmailserver | 1 Hmailserver | 2025-08-07 | N/A | 4.6 MEDIUM |
| Use of hardcoded cryptographic key in Encryption.cs in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords to other servers from hMailAdmin.exe.config file to access other hMailServer admin consoles with configured connections. | |||||
| CVE-2025-52373 | 1 Hmailserver | 1 Hmailserver | 2025-08-07 | N/A | 4.6 MEDIUM |
| Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows attacker to decrypt passwords used in database connections from hMailServer.ini config file. | |||||
| CVE-2008-3676 | 1 Hmailserver | 1 Hmailserver | 2025-04-09 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the IMAP server in hMailServer 4.4.1 allows remote authenticated users to cause a denial of service (resource exhaustion or daemon crash) via a long series of IMAP commands. | |||||
| CVE-2013-5571 | 1 Hmailserver | 1 Hmailserver | 2024-11-21 | 2.6 LOW | 5.9 MEDIUM |
| HMailServer 5.3.x and prior: Memory Corruption which could cause DOS | |||||