Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exim exim vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-16928
Exim 4.92 up to and including 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Exim Exim
Canonical Ubuntu Linux 19.04
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
1 Article
7.5
CVSSv2
CVE-2018-6789
An issue exists in the base64d function in the SMTP listener in Exim prior to 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
Exim Exim
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
2 EDB exploits
7 Github repositories
1 Article
7.5
CVSSv2
CVE-2017-16943
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote malicious users to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.
Exim Exim 4.89
Exim Exim 4.88
Debian Debian Linux 9.0
2 Github repositories
7.5
CVSSv2
CVE-2016-10045
The isMail transport in PHPMailer prior to 5.2.20 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the ...
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
3 EDB exploits
89 Github repositories
7.5
CVSSv2
CVE-2016-10074
The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer prior to 5.4.5 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted e-mail address in the ...
Swiftmailer Swiftmailer
3 EDB exploits
3 Github repositories
1 Article
7.5
CVSSv2
CVE-2016-10034
The setFrom function in the Sendmail adapter in the zend-mail component prior to 2.4.11, 2.5.x, 2.6.x, and 2.7.x prior to 2.7.2, and Zend Framework prior to 2.4.11 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary c...
Zend Zend Framework
Zend Zend-mail 2.6.2
Zend Zend-mail 2.7.0
Zend Zend-mail 2.7.1
Zend Zend-mail 2.5.0
Zend Zend-mail
Zend Zend-mail 2.6.0
Zend Zend-mail 2.6.1
Zend Zend-mail 2.5.1
Zend Zend-mail 2.5.2
3 EDB exploits
3 Github repositories
7.5
CVSSv2
CVE-2016-10033
The mailSend function in the isMail transport in PHPMailer prior to 5.2.18 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
9 EDB exploits
116 Github repositories
7.5
CVSSv2
CVE-2012-2140
The Mail gem prior to 2.4.3 for Ruby allows remote malicious users to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
Rubygems Mail Gem
Rubygems Mail Gem 2.3.3
Rubygems Mail Gem 2.3.2
7.5
CVSSv2
CVE-2011-1764
Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim prior to 4.76 might allow remote malicious users to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstra...
Exim Exim 4.50
Exim Exim 4.44
Exim Exim 4.63
Exim Exim 4.62
Exim Exim 4.61
Exim Exim 4.21
Exim Exim 4.22
Exim Exim 4.41
Exim Exim 4.40
Exim Exim 4.03
Exim Exim 4.02
Exim Exim 3.32
Exim Exim 3.31
Exim Exim 3.14
Exim Exim 3.13
Exim Exim 2.12
Exim Exim 2.11
Exim Exim 4.74
Exim Exim
Exim Exim 4.51
Exim Exim 4.30
Exim Exim 4.64
2 Nmap scripts
1 Github repository
7.5
CVSSv2
CVE-2011-1407
The DKIM implementation in Exim 4.7x prior to 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote malicious users to execute arbitrary code or access a filesystem via a crafted identity.
Exim Exim 4.74
Exim Exim 4.75
Exim Exim 4.72
Exim Exim 4.73
Exim Exim 4.70
Exim Exim 4.71
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »