Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
axigen vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0886
Heap-based buffer underflow in axigen 1.2.6 up to and including 2.0.0b1 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflo...
Gecad Technologies Axigen Mail Server 1.2.6
Gecad Technologies Axigen Mail Server 2.0.0b1
1 EDB exploit
NA
CVE-2012-4940
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote malicious users to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or ...
Gecad Axigen Free Mail Server -
1 EDB exploit
NA
CVE-2009-1484
Cross-site scripting (XSS) vulnerability in the web mail interface feature in AXIGEN Mail Server 6.2.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving e-mail messages. NOTE: the provenance of this information is unknown; the ...
Gecad Axigen Mail Server 6.2.2
NA
CVE-2008-0434
Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote malicious users to execute arbitrary code via format string specifiers in the CNHO command.
Gecad Technologies Axigen Mail Server 5.0.2
1 EDB exploit
NA
CVE-2024-25080
WebMail in Axigen 10.x prior to 10.3.3.62 allows XSS via the image attachment viewer.
NA
CVE-2020-26942
An issue discovered in Axigen Mail Server 10.3.x prior to 10.3.1.27 and 10.3.2.x prior to 10.3.3.1 allows unauthenticated malicious users to submit a setAdminPassword operation request, subsequently setting a new arbitrary password for the admin account.
NA
CVE-2024-28589
An issue exists in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged malicious users to execute arbitrary code and escalate privileges via insecure DLL loading from a world-writable directory during service initialization.
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2