Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sendmail vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-1999-0096
Sendmail decode alias can be used to overwrite sensitive files.
Sco Openserver 5.0
Sco Openserver 5.0.2
Sco Internet Faststart 1.0
Sco Internet Faststart 1.1
Freebsd Freebsd 2.1.6.1
Freebsd Freebsd 2.1.6
Bsdi Bsd Os
Freebsd Freebsd 2.1.5
409
VMScore
CVE-2001-0713
Sendmail prior to 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the configuration file whose names contain characters with the high bit set, such as (1...
Sendmail Sendmail
409
VMScore
CVE-2001-0588
sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local malicious user to gain additional privileges via a buffer overflow in the first argument to the command.
Sco Openserver 5.0.6
409
VMScore
CVE-1999-0129
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
Eric Allman Sendmail 8.8.2
Eric Allman Sendmail 8.8.1
Eric Allman Sendmail 8.8.3
Eric Allman Sendmail 8.8
Sco Openserver 5.0
Sun Sunos 5.3
Sun Sunos 4.1.4
Hp Hp-ux 10.01
Sun Solaris 2.4
Hp Hp-ux 10.00
Sun Solaris 2.5.1
Sun Solaris 2.5
Ibm Aix 4.2
Sco Openserver 5.0.2
Sco Internet Faststart 1.0
Sun Sunos 5.5
Sco Internet Faststart 1.1
Bsdi Bsd Os 2.1
Freebsd Freebsd 2.1.6.1
Sun Sunos 5.4
Freebsd Freebsd 2.1.6
Sun Sunos 5.5.1
383
VMScore
CVE-2022-0741
Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an malicious user to steal environment variables via specially crafted email addresses.
Gitlab Gitlab
383
VMScore
CVE-2018-14512
An XSS vulnerability exists in WUZHI CMS 4.1.0. There is persistent XSS that allows remote malicious users to inject arbitrary web script or HTML via the form[nickname] parameter to the index.php?m=core&f=set&v=sendmail URI. When the administrator accesses the "syste...
Wuzhicms Wuzhi Cms 4.1.0
383
VMScore
CVE-2014-8809
Multiple cross-site scripting (XSS) vulnerabilities in the WP Symposium plugin prior to 14.11 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) text parameter in an addComment action to ajax/profile_functions.php, (2) compose_text param...
Wpsymposiumpro Wp Symposium
383
VMScore
CVE-2006-7176
The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and previous versions does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote malicious users to spoof messages.
Sendmail Sendmail 8.13.1.2
356
VMScore
CVE-2019-12938
The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to protect the logs/ folder, which is effective with the Apache HTTP Server but is ineffective with nginx. Attackers can read logs via the webmail/logs/sendmail URI.
Analogic Poste.io 2.1.6
329
VMScore
CVE-2001-1349
Sendmail prior to 8.11.4, and 8.12.0 prior to 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.0
Sendmail Sendmail 8.11.3
Sendmail Sendmail 8.10.2
Sendmail Sendmail 8.10.1
Sendmail Sendmail 8.10
Sendmail Sendmail 8.12
Sendmail Sendmail 8.11.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »