Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sendmail vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-28247
The lettre library up to and including 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs.
Lettre Lettre 0.7.0
Lettre Lettre
Lettre Lettre 0.10.0
10
CVSSv2
CVE-2002-1582
compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote malicious users to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi.
Mailreader.com Mailreader.com 2.3.30
Mailreader.com Mailreader.com 2.3.31
NA
CVE-2022-31256
A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local malicious users to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail vers...
Opensuse Factory
7.5
CVSSv2
CVE-2002-1278
The mailconf module in Linuxconf 1.24, and other versions prior to 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a way that configures Sendmail to run as an open mail relay, which allows remote...
Jacques Gelinas Linuxconf 1.2.5r3
Jacques Gelinas Linuxconf 1.2.4r2
5
CVSSv2
CVE-1999-0096
Sendmail decode alias can be used to overwrite sensitive files.
Freebsd Freebsd 2.1.6.1
Sco Internet Faststart 1.0
Sco Internet Faststart 1.1
Sco Openserver 5.0
Freebsd Freebsd 2.1.5
Bsdi Bsd Os
Freebsd Freebsd 2.1.6
Sco Openserver 5.0.2
10
CVSSv2
CVE-1999-0565
A Sendmail alias allows input to be piped to a program.
10
CVSSv2
CVE-2021-40643
EyesOfNetwork prior to 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location of the "sendmail" application in the "cacti" configuration page (by default/usr/sbin/sendmail) it is possible to execute any com...
Eyesofnetwork Eyesofnetwork
7.5
CVSSv2
CVE-1999-0057
Vacation program allows command execution by remote users through a sendmail command.
Eric Allman Vacation
Hp Hp-ux 10.00
Hp Hp-ux 10.09
Hp Hp-ux 10.24
Hp Hp-ux 9
Ibm Aix
Sun Sunos
Freebsd Freebsd 6.2
Hp Vvos
Sun Solaris
4.3
CVSSv2
CVE-2022-0741
Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an malicious user to steal environment variables via specially crafted email addresses.
Gitlab Gitlab
6
CVSSv2
CVE-2016-9920
steps/mail/sendmail.inc in Roundcube prior to 1.1.7 and 1.2.x prior to 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom envelope-from addresses on the sendmail command line, which allows remote authenticate...
Roundcube Webmail
Roundcube Webmail 1.2.1
Roundcube Webmail 1.2.2
Roundcube Webmail 1.2.0
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »