Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spamassassin vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-12420
In Apache SpamAssassin prior to 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly.
Apache Spamassassin
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.7
CVSSv3
CVE-2018-11805
In Apache SpamAssassin prior to 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update chan...
Apache Spamassassin
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2020-1946
In Apache SpamAssassin prior to 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use...
Apache Spamassassin
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
9.8
CVSSv3
CVE-2018-11780
A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin prior to 3.4.2.
Apache Spamassassin
Pdfinfo Project Pdfinfo -
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
7.8
CVSSv3
CVE-2016-1238
(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpa...
Debian Debian Linux 8.0
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Perl Perl 5.003 92
Perl Perl 5.21.1
Perl Perl 5.9.3
Perl Perl 5.14.1
Perl Perl 5.8.0
Perl Perl 5.003 97
Perl Perl 5.6.0
Perl Perl 5.17.11
Perl Perl 5.24.1
Perl Perl 5.16.0
Perl Perl 5.19.6
Perl Perl 5.22.3
Perl Perl 5.17.4
Perl Perl 5.003 03
Perl Perl 5.18.4
Perl Perl 5.18.2
Perl Perl 5.8.4
Perl Perl 5.15.6
Perl Perl 5.004 04
4 Github repositories
NA
CVE-2007-6341
Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote malicious users to cause a denial of service (program "croak") via a crafted DNS response.
Net Dns Net Dns 0.60
1 EDB exploit
NA
CVE-2010-4777
The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent malicious users to cause a denial of service (assertion failure and application exit) via crafted input that is not properly...
Perl Perl 5.14.0
Perl Perl 5.12.0
Perl Perl 5.10
1 EDB exploit
7.5
CVSSv3
CVE-2019-13612
MDaemon Email Server 19 up to and including 20.0.1 skips SpamAssassin checks by default for e-mail messages larger than 2 MB (and limits checks to 10 MB even with special configuration), which is arguably inconsistent with currently popular message sizes. This might interfere wit...
Altn Mdaemon Email Server 19
NA
CVE-2009-1391
Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module prior to 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent malicious users to cause a denial of service (hang or crash) via a crafted zlib compressed...
Paul Marquess Compress-raw-zlib Perl Module 2.008
Paul Marquess Compress-raw-zlib Perl Module 2.006
Paul Marquess Compress-raw-zlib Perl Module 2.001
Paul Marquess Compress-raw-zlib Perl Module
Paul Marquess Compress-raw-zlib Perl Module 2.005
Paul Marquess Compress-raw-zlib Perl Module 2.004
Paul Marquess Compress-raw-zlib Perl Module 2.014
Paul Marquess Compress-raw-zlib Perl Module 2.012
Paul Marquess Compress-raw-zlib Perl Module 2.011
Paul Marquess Compress-raw-zlib Perl Module 2.003
Paul Marquess Compress-raw-zlib Perl Module 2.002
Paul Marquess Compress-raw-zlib Perl Module 2.010
Paul Marquess Compress-raw-zlib Perl Module 2.009
1 EDB exploit
NA
CVE-2007-3377
Header.pm in Net::DNS prior to 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote malicious users to spoof DNS responses, as originally reported f...
Nlnet Labs Net Dns 0.14
Nlnet Labs Net Dns 0.20
Nlnet Labs Net Dns 0.28
Nlnet Labs Net Dns 0.29
Nlnet Labs Net Dns 0.34 03
Nlnet Labs Net Dns 0.35
Nlnet Labs Net Dns 0.39 01
Nlnet Labs Net Dns 0.39 02
Nlnet Labs Net Dns 0.44
Nlnet Labs Net Dns 0.44 01
Nlnet Labs Net Dns 0.48
Nlnet Labs Net Dns 0.48 01
Nlnet Labs Net Dns 0.50
Nlnet Labs Net Dns 0.51
Nlnet Labs Net Dns 0.55
Nlnet Labs Net Dns 0.56
Nlnet Labs Net Dns 0.21
Nlnet Labs Net Dns 0.22
Nlnet Labs Net Dns 0.30
Nlnet Labs Net Dns 0.31
Nlnet Labs Net Dns 0.36
Nlnet Labs Net Dns 0.37
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »