Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exim vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-18396
cPanel prior to 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329).
Cpanel Cpanel
9.8
CVSSv3
CVE-2020-26098
cPanel prior to 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).
Cpanel Cpanel
7.5
CVSSv3
CVE-2019-14388
cPanel prior to 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507).
Cpanel Cpanel
6.5
CVSSv3
CVE-2017-18477
In cPanel prior to 62.0.4, Exim transports could execute in the context of the nobody account (SEC-206).
Cpanel Cpanel
5.5
CVSSv3
CVE-2019-14404
cPanel prior to 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484).
Cpanel Cpanel
8.8
CVSSv3
CVE-2017-18475
In cPanel prior to 62.0.4, Exim piped filters ran in the context of an incorrect user account when delivering to a system user (SEC-204).
Cpanel Cpanel
NA
CVE-2012-2140
The Mail gem prior to 2.4.3 for Ruby allows remote malicious users to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
Rubygems Mail Gem
Rubygems Mail Gem 2.3.3
Rubygems Mail Gem 2.3.2
9.8
CVSSv3
CVE-2016-10034
The setFrom function in the Sendmail adapter in the zend-mail component prior to 2.4.11, 2.5.x, 2.6.x, and 2.7.x prior to 2.7.2, and Zend Framework prior to 2.4.11 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary c...
Zend Zend Framework
Zend Zend-mail 2.6.2
Zend Zend-mail 2.7.0
Zend Zend-mail 2.7.1
Zend Zend-mail 2.5.0
Zend Zend-mail
Zend Zend-mail 2.6.0
Zend Zend-mail 2.6.1
Zend Zend-mail 2.5.1
Zend Zend-mail 2.5.2
3 EDB exploits
3 Github repositories
NA
CVE-2007-1926
Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin prior to 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log; (...
Jbmc Software Directadmin
NA
CVE-2009-1417
gnutls-cli in GnuTLS prior to 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote malicious users to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls...
Gnu Gnutls 1.0.22
Gnu Gnutls 1.0.23
Gnu Gnutls 1.0.24
Gnu Gnutls 1.1.21
Gnu Gnutls 1.1.20
Gnu Gnutls 1.1.15
Gnu Gnutls 1.0.25
Gnu Gnutls 1.2.3
Gnu Gnutls 1.2.2
Gnu Gnutls 1.3.4
Gnu Gnutls 1.2.7
Gnu Gnutls 1.5.0
Gnu Gnutls 1.4.4
Gnu Gnutls 1.6.2
Gnu Gnutls 1.5.5
Gnu Gnutls 1.7.14
Gnu Gnutls 1.7.15
Gnu Gnutls 1.0.18
Gnu Gnutls 1.0.19
Gnu Gnutls 1.1.19
Gnu Gnutls 1.1.16
Gnu Gnutls 1.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »