Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exim exim vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-28022
Exim 4 prior to 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
Exim Exim
668
VMScore
CVE-2020-28024
Exim 4 prior to 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.
Exim Exim
668
VMScore
CVE-2020-26098
cPanel prior to 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).
Cpanel Cpanel
668
VMScore
CVE-2019-16928
Exim 4.92 up to and including 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Exim Exim
Canonical Ubuntu Linux 19.04
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
1 Article
668
VMScore
CVE-2017-16943
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote malicious users to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.
Exim Exim 4.89
Exim Exim 4.88
Debian Debian Linux 9.0
2 Github repositories
668
VMScore
CVE-2012-2140
The Mail gem prior to 2.4.3 for Ruby allows remote malicious users to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
Rubygems Mail Gem
Rubygems Mail Gem 2.3.3
Rubygems Mail Gem 2.3.2
668
VMScore
CVE-2011-1407
The DKIM implementation in Exim 4.7x prior to 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote malicious users to execute arbitrary code or access a filesystem via a crafted identity.
Exim Exim 4.74
Exim Exim 4.75
Exim Exim 4.72
Exim Exim 4.73
Exim Exim 4.70
Exim Exim 4.71
668
VMScore
CVE-2006-2753
SQL injection vulnerability in MySQL 4.1.x prior to 4.1.20 and 5.0.x prior to 5.0.22 allows context-dependent malicious users to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the m...
Mysql Mysql 4.1.14
Mysql Mysql 4.1.15
Oracle Mysql 4.1.4
Oracle Mysql 4.1.5
Mysql Mysql 5.0.10
Oracle Mysql 5.0.11
Oracle Mysql 5.0.12
Oracle Mysql 5.0.19
Mysql Mysql 5.0.2
Oracle Mysql 5.0.6
Oracle Mysql 5.0.7
Mysql Mysql 4.1.12
Mysql Mysql 4.1.13
Mysql Mysql 4.1.2
Mysql Mysql 4.1.3
Mysql Mysql 5.0.0
Mysql Mysql 5.0.1
Mysql Mysql 4.1.0
Oracle Mysql 4.1.1
Oracle Mysql 4.1.16
Oracle Mysql 4.1.17
Oracle Mysql 4.1.6
668
VMScore
CVE-2006-2313
PostgreSQL 8.1.x prior to 8.1.4, 8.0.x prior to 8.0.8, 7.4.x prior to 7.4.13, 7.3.x prior to 7.3.15, and previous versions versions allows context-dependent malicious users to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, a...
Postgresql Postgresql 7.3
Postgresql Postgresql 7.3.2
Postgresql Postgresql 7.3.3
Postgresql Postgresql 7.4.1
Postgresql Postgresql 7.4.10
Postgresql Postgresql 7.4.6
Postgresql Postgresql 7.4.7
Postgresql Postgresql 8.0.4
Postgresql Postgresql 8.0.5
Postgresql Postgresql 7.3.13
Postgresql Postgresql 7.3.14
Postgresql Postgresql 7.3.8
Postgresql Postgresql 7.3.9
Postgresql Postgresql 7.4
Postgresql Postgresql 7.4.4
Postgresql Postgresql 7.4.5
Postgresql Postgresql 8.0.2
Postgresql Postgresql 8.0.3
Postgresql Postgresql 8.1.3
Postgresql Postgresql 7.3.1
Postgresql Postgresql 7.3.10
Postgresql Postgresql 7.3.4
668
VMScore
CVE-2006-2314
PostgreSQL 8.1.x prior to 8.1.4, 8.0.x prior to 8.0.8, 7.4.x prior to 7.4.13, 7.3.x prior to 7.3.15, and previous versions versions allows context-dependent malicious users to bypass SQL injection protection methods in applications that use multibyte encodings that allow the &quo...
Postgresql Postgresql 7.3
Postgresql Postgresql 7.3.1
Postgresql Postgresql 7.3.3
Postgresql Postgresql 7.3.4
Postgresql Postgresql 7.4.1
Postgresql Postgresql 7.4.10
Postgresql Postgresql 7.4.7
Postgresql Postgresql 7.4.8
Postgresql Postgresql 8.0.5
Postgresql Postgresql 8.0.6
Postgresql Postgresql 7.3.14
Postgresql Postgresql 7.3.2
Postgresql Postgresql 7.3.10
Postgresql Postgresql 7.3.9
Postgresql Postgresql 7.4
Postgresql Postgresql 7.4.5
Postgresql Postgresql 7.4.6
Postgresql Postgresql 8.0.3
Postgresql Postgresql 8.0.4
Postgresql Postgresql 8.1.3
Postgresql Postgresql 7.3.11
Postgresql Postgresql 7.3.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »