Net/mail
This hub aggregates every CVE we track for Net/mail, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
21
CVEs tracked
3
Critical
8
High
0
In CISA KEV
Severity distribution
MEDIUM9HIGH8CRITICAL3LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
2
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Net/mail.
- CVE-2026-39820Quadratic string concatentation in consumeComment in net/mail7.5
- CVE-2026-42499Quadratic string concatenation in consumePhrase in net/mail7.5
- CVE-2025-61725Excessive CPU consumption in ParseAddress in net/mail7.5
- CVE-2024-24784Comments in display names are incorrectly handled in net/mail7.5
- CVE-2007-6302Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architects M+NetMail 3.52f (aka 3.5.2F) allows remote attackers to execute arbitrary code via unspecified...6.8
- CVE-2007-2616Stack-based buffer overflow in the SSL version of the NMDMC.EXE service in Novell NetMail 3.52e FTF2 and probably earlier allows remote attackers to execute arbitrary code via a crafted request.10.0
- CVE-2007-1350Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execute arbitrary code via a long username during HTTP Basic authentication.6.8
- CVE-2006-6762The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument.4.0
- CVE-2006-6761Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.6.5
- CVE-2006-6425Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND c...9.0
- CVE-2006-6424Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation r...9.0
- CVE-2005-1976Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or c...1.7
- CVE-2005-3314Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."7.5
- CVE-2005-2469Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C and possibly earlier versions allows local users to execute arbitrary code via a long user name in the USER command.4.6
- CVE-2004-2298Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store ...6.4
Product normalization is registry-driven with AI assist and human review. How it works