Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exim exim vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-12783
Exim up to and including 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.
Exim Exim
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
445
VMScore
CVE-2019-14388
cPanel prior to 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507).
Cpanel Cpanel
445
VMScore
CVE-2009-1417
gnutls-cli in GnuTLS prior to 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote malicious users to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls...
Gnu Gnutls 1.0.22
Gnu Gnutls 1.0.23
Gnu Gnutls 1.0.24
Gnu Gnutls 1.1.21
Gnu Gnutls 1.1.20
Gnu Gnutls 1.1.15
Gnu Gnutls 1.0.25
Gnu Gnutls 1.2.3
Gnu Gnutls 1.2.2
Gnu Gnutls 1.3.4
Gnu Gnutls 1.2.7
Gnu Gnutls 1.5.0
Gnu Gnutls 1.4.4
Gnu Gnutls 1.6.2
Gnu Gnutls 1.5.5
Gnu Gnutls 1.7.14
Gnu Gnutls 1.7.15
Gnu Gnutls 1.0.18
Gnu Gnutls 1.0.19
Gnu Gnutls 1.1.19
Gnu Gnutls 1.1.16
Gnu Gnutls 1.2.1
445
VMScore
CVE-2008-1950
Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS prior to 2.2.4 allows remote malicious users to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encryp...
Gnu Gnutls 2.3.5
Gnu Gnutls 1.6.0
Gnu Gnutls 2.0.0
Gnu Gnutls 1.5.0
Gnu Gnutls 1.2.8
Gnu Gnutls 1.1.14
Gnu Gnutls 2.3.4
Gnu Gnutls 1.7.3
Gnu Gnutls 1.4.1
Gnu Gnutls 1.4.3
Gnu Gnutls 1.2.11
Gnu Gnutls 1.1.21
Gnu Gnutls 1.7.5
Gnu Gnutls 1.7.11
Gnu Gnutls 1.0.20
Gnu Gnutls 1.2.5
Gnu Gnutls 2.2.4
Gnu Gnutls 1.2.4
Gnu Gnutls 1.3.1
Gnu Gnutls 1.0.24
Gnu Gnutls 1.7.15
Gnu Gnutls 1.6.1
445
VMScore
CVE-2006-1251
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote malicious users to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm...
Sa-exim Sa-exim 4.0
Sa-exim Sa-exim 4.1
Sa-exim Sa-exim 4.2
440
VMScore
CVE-2006-4343
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and previous versions versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7i
Debian Debian Linux 3.1
Canonical Ubuntu Linux 5.04
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
2 EDB exploits
436
VMScore
CVE-2017-18396
cPanel prior to 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329).
Cpanel Cpanel
436
VMScore
CVE-2019-14404
cPanel prior to 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484).
Cpanel Cpanel
409
VMScore
CVE-2014-2972
expand.c in Exim prior to 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value.
Exim Exim 4.77
Exim Exim 4.76
Exim Exim 4.69
Exim Exim 4.68
Exim Exim 4.61
Exim Exim 4.60
Exim Exim 4.42
Exim Exim 4.41
Exim Exim 4.24
Exim Exim 4.23
Exim Exim 4.10
Exim Exim 4.05
Exim Exim 4.75
Exim Exim 4.74
Exim Exim 4.67
Exim Exim 4.66
Exim Exim 4.54
Exim Exim 4.53
Exim Exim 4.40
Exim Exim 4.34
Exim Exim 4.22
Exim Exim 4.21
409
VMScore
CVE-2005-0022
Buffer overflow in the spa_base64_to_bits function in Exim prior to 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow malicious users to execute arbitrary code during SPA authentication.
University Of Cambridge Exim
University Of Cambridge Exim 4.41
University Of Cambridge Exim 4.42
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »