HIGH7.5CVE-2026-43964Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced stat… from 0
from 0, < 3.5.23-0+deb11u1
from 0, < 3.4.23-0+deb10u2
—The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authenti…
from 0, < 2.8.3-1
—postfix - several
from 0, < 2.5.5-1.1+lenny1
—postfix - several
from 0, < 2.8.0-1
—The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/pos…
from 0, < 2.6.5-3
—Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors…
from 0, < 2.5.5-1
—postfix - local privilege escalation
from 0, < 2.3.8-2+etch1
—Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which al…
from 0, < 2.5.4-1
—postfix - local privilege escalation
from 0, < 2.5.4-1
—postfix - local privilege escalation
from 0, < 2.5.2-2lenny1
—postfix - local privilege escalation
from 0, < 2.3.8-2etch1
—Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote atta…
from 0, < 2.1.4-5
—postfix - denial of service, bounce-scanning
from 0, < 1.1.11-0.woody3
—The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envel…
from 0, < 1.1.12
—postfix - denial of service, bounce-scanning
from 0, < 1.1.12