Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exim exim - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-37452
Exim prior to 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
Exim Exim
Debian Debian Linux 10.0
1 Github repository
NA
CVE-2005-0022
Buffer overflow in the spa_base64_to_bits function in Exim prior to 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow malicious users to execute arbitrary code during SPA authentication.
University Of Cambridge Exim
University Of Cambridge Exim 4.41
University Of Cambridge Exim 4.42
NA
CVE-2005-0021
Multiple buffer overflows in Exim prior to 4.43 may allow malicious users to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command...
University Of Cambridge Exim
University Of Cambridge Exim 4.41
University Of Cambridge Exim 4.42
2 EDB exploits
NA
CVE-2002-1381
Format string vulnerability in daemon.c for Exim 4.x up to and including 4.10, and 3.x up to and including 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
University Of Cambridge Exim 3.35
University Of Cambridge Exim 3.36
University Of Cambridge Exim 4.10
1 EDB exploit
7.5
CVSSv3
CVE-2022-37451
Exim prior to 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.
Exim Exim
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2004-0399
Stack-based buffer overflow in Exim 3.35, and other versions prior to 4, when the sender_verify option is true, allows remote malicious users to cause a denial of service and possibly execute arbitrary code during sender verification.
University Of Cambridge Exim 3.35
University Of Cambridge Exim
1 EDB exploit
9.8
CVSSv3
CVE-2019-13917
Exim 4.85 up to and including 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).
Exim Exim
Debian Debian Linux 10.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2022-3559
A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a pa...
Exim Exim -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
9.8
CVSSv3
CVE-2019-10149
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
Exim Exim
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
3 EDB exploits
14 Github repositories
2 Articles
9.8
CVSSv3
CVE-2022-3620
A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack may be initiated remotely. The name of the patch is 12fb3842f...
Exim Exim 2022-10-18
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »