Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exim exim vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2020-8015
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local malicious users to escalate from user mail to root. This issue affects: openSUSE Factory exim versions before 4.93.0.4-3.1.
Exim Exim
7.2
CVSSv2
CVE-2005-0021
Multiple buffer overflows in Exim prior to 4.43 may allow malicious users to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command...
University Of Cambridge Exim
University Of Cambridge Exim 4.41
University Of Cambridge Exim 4.42
2 EDB exploits
7.2
CVSSv2
CVE-2002-1381
Format string vulnerability in daemon.c for Exim 4.x up to and including 4.10, and 3.x up to and including 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
University Of Cambridge Exim 3.35
University Of Cambridge Exim 3.36
University Of Cambridge Exim 4.10
1 EDB exploit
7.2
CVSSv2
CVE-1999-0971
Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a .forward file.
University Of Cambridge Exim
1 EDB exploit
7.2
CVSSv2
CVE-1999-0145
Sendmail WIZ command enabled, allowing root access.
Eric Allman Sendmail
6.9
CVSSv2
CVE-2016-1531
Exim prior to 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
Exim Exim
3 EDB exploits
6 Github repositories
6.9
CVSSv2
CVE-2011-0017
The open_log function in log.c in Exim 4.72 and previous versions does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
Exim Exim 4.43
Exim Exim 4.34
Exim Exim 4.61
Exim Exim 4.60
Exim Exim 4.42
Exim Exim 4.65
Exim Exim 4.32
Exim Exim 4.20
Exim Exim 4.02
Exim Exim 4.01
Exim Exim 3.30
Exim Exim 3.22
Exim Exim 3.12
Exim Exim 3.11
Exim Exim 2.11
Exim Exim 2.10
Exim Exim 4.69
Exim Exim 4.50
Exim Exim 4.44
Exim Exim 4.63
Exim Exim 4.62
Exim Exim 4.21
6.9
CVSSv2
CVE-2010-4345
Exim 4.72 and previous versions allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
Exim Exim 2.11
Exim Exim 4.70
Exim Exim 4.69
Exim Exim 4.66
Exim Exim 4.10
Exim Exim 3.16
Exim Exim 3.21
Exim Exim 3.01
Exim Exim 3.31
Exim Exim 4.24
Exim Exim 3.33
Exim Exim 3.30
Exim Exim
Exim Exim 4.30
Exim Exim 4.21
Exim Exim 4.03
Exim Exim 4.51
Exim Exim 4.71
Exim Exim 4.67
Exim Exim 4.63
Exim Exim 4.00
Exim Exim 4.43
1 EDB exploit
2 Metasploit modules
2 Nmap scripts
6.8
CVSSv2
CVE-2017-18474
cPanel prior to 62.0.4 allows arbitrary file-read operations via Exim valiases (SEC-201).
Cpanel Cpanel
6.8
CVSSv2
CVE-2014-2957
The dmarc_process function in dmarc.c in Exim prior to 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote malicious users to execute arbitrary code via the From header in an email, which is passed to the expand_string function.
Exim Exim 4.77
Exim Exim 4.76
Exim Exim 4.75
Exim Exim 4.74
Exim Exim 4.60
Exim Exim 4.54
Exim Exim 4.53
Exim Exim 4.52
Exim Exim 4.24
Exim Exim 4.23
Exim Exim 4.22
Exim Exim 4.21
Exim Exim 4.20
Exim Exim 4.80.1
Exim Exim 4.72
Exim Exim 4.70
Exim Exim 4.65
Exim Exim 4.63
Exim Exim 4.61
Exim Exim 4.51
Exim Exim 4.44
Exim Exim 4.32
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »