Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sendmail sendmail vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2012-2140
The Mail gem prior to 2.4.3 for Ruby allows remote malicious users to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
Rubygems Mail Gem
Rubygems Mail Gem 2.3.3
Rubygems Mail Gem 2.3.2
641
VMScore
CVE-2012-2200
The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory.
Ibm Aix 6.1
Ibm Aix 7.1
Ibm Vios 2.2.1.4
605
VMScore
CVE-2011-0739
The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem 2.2.14 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in an e-mail address.
Mikel Lindsaar Mail 2.2.12
Mikel Lindsaar Mail 2.2.11
Mikel Lindsaar Mail 2.2.5.2
Mikel Lindsaar Mail 2.2.5.1
Mikel Lindsaar Mail 2.1.5.2
Mikel Lindsaar Mail 2.1.5.1
Mikel Lindsaar Mail 2.2.10
Mikel Lindsaar Mail 2.2.9.1
Mikel Lindsaar Mail 2.2.5
Mikel Lindsaar Mail 2.2.4
Mikel Lindsaar Mail 2.2.3
Mikel Lindsaar Mail 2.1.5
Mikel Lindsaar Mail 2.1.3
Mikel Lindsaar Mail 1.5.3
Mikel Lindsaar Mail 1.5.2
Mikel Lindsaar Mail 1.3.5
Mikel Lindsaar Mail 1.3.4
Mikel Lindsaar Mail 1.2.7
Mikel Lindsaar Mail 1.2.6
Mikel Lindsaar Mail 1.6.0
Mikel Lindsaar Mail 1.5.4
Mikel Lindsaar Mail 1.4.2
668
VMScore
CVE-2009-4565
sendmail prior to 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle malicious users to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate C...
Sendmail Sendmail 8.14.2
Sendmail Sendmail
Sendmail Sendmail 8.7.8
Sendmail Sendmail 8.7.7
Sendmail Sendmail 8.7.6
Sendmail Sendmail 8.13.4
Sendmail Sendmail 8.13.3
Sendmail Sendmail 8.12
Sendmail Sendmail 8.12.4
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12.2
Sendmail Sendmail 8.11.4
Sendmail Sendmail 8.11.3
Sendmail Sendmail 8.10
Sendmail Sendmail 2.6
Sendmail Sendmail 5.61
Sendmail Sendmail 5.65
Sendmail Sendmail 8.9.3
Sendmail Sendmail 8.9.2
Sendmail Sendmail 8.7.10
Sendmail Sendmail 8.6.7
Sendmail Sendmail 8.13.2
668
VMScore
CVE-2009-4023
Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote malicious users to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.
Pear Pear 1.1.14
505
VMScore
CVE-2009-1490
Heap-based buffer overflow in Sendmail prior to 8.13.2 allows remote malicious users to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.
Sendmail Sendmail 5
Sendmail Sendmail 5.65
Sendmail Sendmail 2.6.1
Sendmail Sendmail 8.12
Sendmail Sendmail 8.11.7
Sendmail Sendmail 8.11.0
Sendmail Sendmail 8.10.2
Sendmail Sendmail 2.6
Sendmail Sendmail 8.12.7
Sendmail Sendmail 8.12.8
Sendmail Sendmail 8.12.1
Sendmail Sendmail 8.12.10
Sendmail Sendmail 8.9.1
Sendmail Sendmail 8.9.0
Sendmail Sendmail 8.10.0
Sendmail Sendmail 5.61
Sendmail Sendmail 3.0
Sendmail Sendmail 3.0.1
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.2
Sendmail Sendmail 8.7.8
Sendmail Sendmail 8.7.7
1 EDB exploit
1000
VMScore
CVE-2008-2469
Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 prior to 1.2.8 allows remote malicious users to execute arbitrary code via a long DNS TXT record with a modified length field.
Libspf Libspf2 1.2.5
Libspf Libspf2 1.2.4
Libspf Libspf2 1.2.3
Libspf Libspf2 1.2.1
Libspf Libspf2 1.0.4
Libspf Libspf2 1.0.3
Libspf Libspf2
Libspf Libspf2 1.2.6
Libspf Libspf2 1.0.2
1 EDB exploit
765
VMScore
CVE-2007-5208
hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x prior to 2.7.10 allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail.
Hp Linux Imaging And Printing Project 1.0
Hp Linux Imaging And Printing Project
1 EDB exploit
776
VMScore
CVE-2007-4560
clamav-milter in ClamAV prior to 0.91.2, when run in black hole mode, allows remote malicious users to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."
Clam Anti-virus Clamav
3 EDB exploits
2 Github repositories
445
VMScore
CVE-2007-4538
email_in.pl in Bugzilla 2.23.4 up to and including 3.0.0 allows remote malicious users to execute arbitrary commands via the -f (From address) option to the Email::Send::Sendmail function, probably involving shell metacharacters.
Mozilla Bugzilla 2.6
Mozilla Bugzilla 2.8
Mozilla Bugzilla 2.23.4
Mozilla Bugzilla 2.4
Mozilla Bugzilla 2.9
Mozilla Bugzilla 3.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »