Vulnerability Database

300,445

Total vulnerabilities in the database

CVE-2015-2181

Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before 1.1.0 allow remote attackers to have unspecified impact via the (1) password or (2) username.

Published: Jan 30, 2017
Updated: Nov 9, 2025
CVE: CVE-2015-2181
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
roundcube / webmail	-	1.1.0

http://www.securityfocus.com/bid/96391
https://github.com/roundcube/roundcubemail/issues/4757

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo