Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exim exim vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-42117
Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exis...
NA
CVE-2014-2972
expand.c in Exim prior to 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value.
Exim Exim 4.70
Exim Exim 4.69
Exim Exim 4.66
Exim Exim 4.10
Exim Exim 4.76
Exim Exim 4.24
Exim Exim 4.30
Exim Exim 4.21
Exim Exim 4.03
Exim Exim 4.51
Exim Exim 4.71
Exim Exim 4.74
Exim Exim 4.67
Exim Exim 4.63
Exim Exim 4.00
Exim Exim 4.43
Exim Exim 4.22
Exim Exim 4.40
Exim Exim 4.52
Exim Exim 4.60
Exim Exim 4.61
Exim Exim 4.68
NA
CVE-2014-2957
The dmarc_process function in dmarc.c in Exim prior to 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote malicious users to execute arbitrary code via the From header in an email, which is passed to the expand_string function.
Exim Exim 4.70
Exim Exim 4.69
Exim Exim 4.66
Exim Exim 4.10
Exim Exim 4.76
Exim Exim
Exim Exim 4.24
Exim Exim 4.30
Exim Exim 4.21
Exim Exim 4.03
Exim Exim 4.51
Exim Exim 4.71
Exim Exim 4.74
Exim Exim 4.67
Exim Exim 4.63
Exim Exim 4.00
Exim Exim 4.43
Exim Exim 4.22
Exim Exim 4.40
Exim Exim 4.52
Exim Exim 4.60
Exim Exim 4.61
NA
CVE-2012-5671
Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 up to and including 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote malicious users to ...
Exim Exim 4.70
Exim Exim 4.76
Exim Exim 4.71
Exim Exim 4.74
Exim Exim 4.77
Exim Exim 4.72
Exim Exim 4.75
Exim Exim 4.80
Exim Exim 4.73
NA
CVE-2012-2140
The Mail gem prior to 2.4.3 for Ruby allows remote malicious users to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
Rubygems Mail Gem 2.3.2
Rubygems Mail Gem 2.3.3
Rubygems Mail Gem
NA
CVE-2011-1764
Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim prior to 4.76 might allow remote malicious users to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstra...
Exim Exim
Exim Exim 2.11
Exim Exim 4.70
Exim Exim 4.69
Exim Exim 4.66
Exim Exim 4.10
Exim Exim 3.16
Exim Exim 3.21
Exim Exim 3.01
Exim Exim 3.31
Exim Exim 4.24
Exim Exim 3.33
Exim Exim 3.30
Exim Exim 4.30
Exim Exim 4.21
Exim Exim 4.03
Exim Exim 4.51
Exim Exim 4.71
Exim Exim 4.74
Exim Exim 4.67
Exim Exim 4.63
Exim Exim 4.00
2 Nmap scripts
1 Github repository
NA
CVE-2011-1407
The DKIM implementation in Exim 4.7x prior to 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote malicious users to execute arbitrary code or access a filesystem via a crafted identity.
Exim Exim 4.70
Exim Exim 4.71
Exim Exim 4.74
Exim Exim 4.72
Exim Exim 4.75
Exim Exim 4.73
NA
CVE-2011-0017
The open_log function in log.c in Exim 4.72 and previous versions does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
Exim Exim 2.11
Exim Exim 4.70
Exim Exim 4.69
Exim Exim 4.66
Exim Exim 4.10
Exim Exim 3.16
Exim Exim 3.21
Exim Exim 3.01
Exim Exim 3.31
Exim Exim 4.24
Exim Exim 3.33
Exim Exim 3.30
Exim Exim
Exim Exim 4.30
Exim Exim 4.21
Exim Exim 4.03
Exim Exim 4.51
Exim Exim 4.71
Exim Exim 4.67
Exim Exim 4.63
Exim Exim 4.00
Exim Exim 4.43
NA
CVE-2010-4344
Heap-based buffer overflow in the string_vformat function in string.c in Exim prior to 4.70 allows remote malicious users to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to impro...
Exim Exim 2.11
Exim Exim 4.66
Exim Exim 4.10
Exim Exim 3.16
Exim Exim 3.21
Exim Exim 3.01
Exim Exim 3.31
Exim Exim 4.24
Exim Exim 3.33
Exim Exim 3.30
Exim Exim 4.30
Exim Exim 4.21
Exim Exim 4.03
Exim Exim 4.51
Exim Exim 4.67
Exim Exim 4.63
Exim Exim 4.00
Exim Exim 4.43
Exim Exim 4.22
Exim Exim 3.10
Exim Exim 4.40
Exim Exim 4.52
2 EDB exploits
2 Nmap scripts
2 Github repositories
NA
CVE-2010-4345
Exim 4.72 and previous versions allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
Exim Exim 2.11
Exim Exim 4.70
Exim Exim 4.69
Exim Exim 4.66
Exim Exim 4.10
Exim Exim 3.16
Exim Exim 3.21
Exim Exim 3.01
Exim Exim 3.31
Exim Exim 4.24
Exim Exim 3.33
Exim Exim 3.30
Exim Exim
Exim Exim 4.30
Exim Exim 4.21
Exim Exim 4.03
Exim Exim 4.51
Exim Exim 4.71
Exim Exim 4.67
Exim Exim 4.63
Exim Exim 4.00
Exim Exim 4.43
1 EDB exploit
2 Metasploit modules
2 Nmap scripts
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »