Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exim exim vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-16928
Exim 4.92 up to and including 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Exim Exim
Canonical Ubuntu Linux 19.04
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
1 Article
10
CVSSv2
CVE-2019-15846
Exim prior to 4.92.2 allows remote malicious users to execute arbitrary code as root via a trailing backslash.
Exim Exim
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5 Github repositories
2 Articles
6.8
CVSSv2
CVE-2017-18474
cPanel prior to 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201).
Cpanel Cpanel
4
CVSSv2
CVE-2017-18477
In cPanel prior to 62.0.4, Exim transports could execute in the context of the nobody account (SEC-206).
Cpanel Cpanel
6.5
CVSSv2
CVE-2017-18475
In cPanel prior to 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204).
Cpanel Cpanel
4.9
CVSSv2
CVE-2017-18396
cPanel prior to 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329).
Cpanel Cpanel
4.9
CVSSv2
CVE-2019-14404
cPanel prior to 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484).
Cpanel Cpanel
5
CVSSv2
CVE-2019-14388
cPanel prior to 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507).
Cpanel Cpanel
10
CVSSv2
CVE-2019-13917
Exim 4.85 up to and including 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).
Exim Exim
Debian Debian Linux 10.0
Debian Debian Linux 9.0
10
CVSSv2
CVE-2019-10149
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
Exim Exim
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
3 EDB exploits
14 Github repositories
2 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »