Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sendmail vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-10034
The setFrom function in the Sendmail adapter in the zend-mail component prior to 2.4.11, 2.5.x, 2.6.x, and 2.7.x prior to 2.7.2, and Zend Framework prior to 2.4.11 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary c...
Zend Zend Framework
Zend Zend-mail 2.6.2
Zend Zend-mail 2.7.0
Zend Zend-mail 2.7.1
Zend Zend-mail 2.5.0
Zend Zend-mail
Zend Zend-mail 2.6.0
Zend Zend-mail 2.6.1
Zend Zend-mail 2.5.1
Zend Zend-mail 2.5.2
3 EDB exploits
1 Github repository
7.5
CVSSv2
CVE-2016-10033
The mailSend function in the isMail transport in PHPMailer prior to 5.2.18 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
9 EDB exploits
114 Github repositories
7.5
CVSSv2
CVE-2012-2140
The Mail gem prior to 2.4.3 for Ruby allows remote malicious users to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
Rubygems Mail Gem
Rubygems Mail Gem 2.3.3
Rubygems Mail Gem 2.3.2
7.5
CVSSv2
CVE-2009-4565
sendmail prior to 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle malicious users to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate C...
Sendmail Sendmail 8.14.2
Sendmail Sendmail
Sendmail Sendmail 8.7.8
Sendmail Sendmail 8.7.7
Sendmail Sendmail 8.7.6
Sendmail Sendmail 8.13.4
Sendmail Sendmail 8.13.3
Sendmail Sendmail 8.12
Sendmail Sendmail 8.12.4
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12.2
Sendmail Sendmail 8.11.4
Sendmail Sendmail 8.11.3
Sendmail Sendmail 8.10
Sendmail Sendmail 2.6
Sendmail Sendmail 5.61
Sendmail Sendmail 5.65
Sendmail Sendmail 8.9.3
Sendmail Sendmail 8.9.2
Sendmail Sendmail 8.7.10
Sendmail Sendmail 8.6.7
Sendmail Sendmail 8.13.2
7.5
CVSSv2
CVE-2009-4023
Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote malicious users to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.
Pear Pear 1.1.14
7.5
CVSSv2
CVE-2006-7175
The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and previous versions does not allow the administrator to disable SSLv2 encryption, which could cause less secure channels to be used than desired.
Sendmail Sendmail 8.13.1.2
7.5
CVSSv2
CVE-2005-2943
Stack-based buffer overflow in sendmail in XMail prior to 1.22 allows remote malicious users to execute arbitrary code via a long -t command line option.
Davide Libenzi Xmail 1.16
Davide Libenzi Xmail 1.17
Davide Libenzi Xmail 1.4
Davide Libenzi Xmail 1.5
Davide Libenzi Xmail 1.11
Davide Libenzi Xmail 1.12
Davide Libenzi Xmail 1.2
Davide Libenzi Xmail 1.20
Davide Libenzi Xmail 1.8
Davide Libenzi Xmail 1.9
Davide Libenzi Xmail 1.14
Davide Libenzi Xmail 1.15
Davide Libenzi Xmail 1.21
Davide Libenzi Xmail 1.3
Davide Libenzi Xmail 1.0
Davide Libenzi Xmail 1.1
Davide Libenzi Xmail 1.10
Davide Libenzi Xmail 1.18
Davide Libenzi Xmail 1.19
Davide Libenzi Xmail 1.6
Davide Libenzi Xmail 1.7
1 EDB exploit
7.5
CVSSv2
CVE-2005-0107
bsmtpd 2.3 and previous versions does not properly sanitize e-mail addresses, which allows remote malicious users to execute arbitrary commands.
Debian Bsmtpd
7.5
CVSSv2
CVE-2004-0833
Sendmail prior to 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote malicious users to use Sendmail as an open mail relay and send spam messages.
Debian Debian Linux 3.0
7.5
CVSSv2
CVE-2003-0681
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
Sendmail Advanced Message Server 1.2
Sendmail Advanced Message Server 1.3
Sendmail Sendmail 8.10
Sendmail Sendmail 8.10.1
Sendmail Sendmail 8.11.5
Sendmail Sendmail 8.11.6
Sendmail Sendmail 8.12.6
Sendmail Sendmail 8.12.7
Sendmail Sendmail 8.8.8
Sendmail Sendmail 8.9.0
Sendmail Sendmail Switch 2.1.1
Sendmail Sendmail Switch 2.1.2
Sendmail Sendmail Switch 2.2.3
Sendmail Sendmail Switch 2.2.4
Sendmail Sendmail 2.6.2
Sendmail Sendmail 3.0
Sendmail Sendmail 3.0.1
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.2
Sendmail Sendmail 8.12.2
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »