Vpopmail and QmailAdmin are prone to several integer overflows related to quotas.
3ae67e29f30c5c88ee23c1b3fb7614eee4d7c2f24fb9d30828dae15db1d02410
RoundCube Webmail versions 0.2-3 Beta and below suffer from a remote code execution vulnerability.
6f1e717d91ae7845d24e204d2ad541c1ad9795b646ca4e880f3445f8d655db66
Proof of concept exploit for the mod_rewrite vulnerability in Apache that makes use of an off by one overflow in the handling of ldap requests.
47f17f2bae7bce7af834754bc7cd0e1bc951414c01f5d33309f9e31e99e9e771