Vulnerabilities > Mailcow > High

DATE CVE VULNERABILITY TITLE RISK
2024-08-05 CVE-2024-41958 Unspecified vulnerability in Mailcow Mailcow: Dockerized
mailcow: dockerized is an open source groupware/email suite based on docker.
network
low complexity
mailcow
7.2
2024-02-02 CVE-2024-24760 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Mailcow Mailcow: Dockerized
mailcow is a dockerized email package, with multiple containers linked in one bridged network.
low complexity
mailcow CWE-610
7.3
2023-06-07 CVE-2023-34108 Unspecified vulnerability in Mailcow Mailcow: Dockerized
mailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern web UI for user/server administration.
network
low complexity
mailcow
8.8
2023-03-04 CVE-2023-26490 OS Command Injection vulnerability in Mailcow Mailcow: Dockerized
mailcow is a dockerized email package, with multiple containers linked in one bridged network.
network
low complexity
mailcow CWE-78
8.8
2022-09-27 CVE-2022-39258 Open Redirect vulnerability in Mailcow Mailcow: Dockerized
mailcow is a mailserver suite.
network
low complexity
mailcow CWE-601
8.2
2022-07-11 CVE-2022-31138 OS Command Injection vulnerability in Mailcow Mailcow: Dockerized
mailcow is a mailserver suite.
network
low complexity
mailcow CWE-78
8.8
2022-05-20 CVE-2022-31245 OS Command Injection vulnerability in Mailcow Mailcow: Dockerized
mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs.
network
low complexity
mailcow CWE-78
8.8
2017-05-14 CVE-2017-8928 Cross-Site Request Forgery (CSRF) vulnerability in Mailcow Mailcow: Dockerized 0.14
mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF.
network
low complexity
mailcow CWE-352
8.8