📦 Exim

by Exim


⚠️ Known Vulnerabilities

CVE-2023-42115

CRITICAL CVSS 9.8 May 3, 2024

CVE-2023-42115 is a critical out-of-bounds write vulnerability in Exim's SMTP service that allows unauthenticated remote attackers to execute arbitrary code on vulnerable systems. This affects Exim in...

CVE-2023-42117

CRITICAL CVSS 9.8 May 3, 2024

This is a critical remote code execution vulnerability in Exim mail servers that allows unauthenticated attackers to execute arbitrary code by sending specially crafted data to the SMTP service. The v...

CVE-2020-28017

CRITICAL CVSS 9.8 May 6, 2021

CVE-2020-28017 is an integer overflow vulnerability in the Exim mail transfer agent that can lead to a buffer overflow when processing emails with an excessive number of recipients. This affects Exim server...

CVE-2020-28020

CRITICAL CVSS 9.8 May 6, 2021

CVE-2020-28020 is an integer overflow vulnerability in the Exim mail transfer agent that leads to a buffer overflow, allowing unauthenticated remote attackers to execute arbitrary code by exploiting header ...

CVE-2020-28022

CRITICAL CVSS 9.8 May 6, 2021

CVE-2020-28022 is a critical heap-based buffer overflow vulnerability in Exim mail servers that allows remote attackers to execute arbitrary code by sending specially crafted MAIL FROM or RCPT TO comm...

CVE-2020-28024

CRITICAL CVSS 9.8 May 6, 2021

CVE-2020-28024 is a critical buffer underwrite vulnerability in Exim mail servers that allows unauthenticated remote attackers to execute arbitrary commands. The vulnerability occurs because the smtp_...

CVE-2020-28026

CRITICAL CVSS 9.8 May 6, 2021

CVE-2020-28026 is a critical vulnerability in Exim mail servers that allows unauthenticated remote attackers to execute arbitrary commands as root when Delivery Status Notification (DSN) is enabled. T...

CVE-2025-67896

HIGH CVSS 7.0 Dec 14, 2025

A heap-based buffer overflow vulnerability in Exim mail servers with certain non-default rate-limit configurations allows remote attackers to potentially execute arbitrary code or cause denial of serv...

CVE-2025-30232

HIGH CVSS 8.1 Mar 28, 2025

A use-after-free vulnerability in Exim versions 4.96 through 4.98.1 allows users with command-line access to escalate privileges. This affects systems running vulnerable Exim versions where users have...

CVE-2025-26794

HIGH CVSS 7.5 Feb 21, 2025

Exim mail servers running versions 4.98 before 4.98.1 with SQLite hints and ETRN serialization enabled are vulnerable to remote SQL injection attacks. This allows attackers to potentially execute arbi...

CVE-2021-38371

HIGH CVSS 7.5 Aug 10, 2021

This vulnerability in Exim's STARTTLS implementation allows attackers to inject malicious responses during SMTP communication by exploiting buffering issues. It affects Exim mail servers using STARTTL...

CVE-2020-28007

HIGH CVSS 7.8 May 6, 2021

CVE-2020-28007 is a privilege escalation vulnerability in Exim mail servers where an attacker can create symbolic or hard links in the log directory to overwrite critical root-owned files anywhere on ...

CVE-2020-28009

HIGH CVSS 7.8 May 6, 2021

CVE-2020-28009 is an integer overflow vulnerability in Exim mail transfer agent versions before 4.94.2. It allows remote attackers to cause a buffer overflow via unbounded reads in get_stdinput function...

CVE-2020-28011

HIGH CVSS 7.8 May 6, 2021

CVE-2020-28011 is a heap-based buffer overflow vulnerability in Exim mail transfer agent versions before 4.94.2. Attackers can exploit this via the -R and -S sender options during queue processing to ...

CVE-2020-28013

HIGH CVSS 7.8 May 6, 2021

CVE-2020-28013 is a heap-based buffer overflow vulnerability in Exim mail transfer agent versions before 4.94.2. It allows local privilege escalation from any user to root by exploiting improper handl...

CVE-2020-28015

HIGH CVSS 7.8 May 6, 2021

CVE-2020-28015 is a vulnerability in the Exim mail transfer agent where local users can inject newline characters into recipient addresses, potentially altering the behavior of root processes. This affect...

CVE-2020-28019

HIGH CVSS 7.5 May 6, 2021

This vulnerability in Exim mail servers allows remote attackers to cause a denial of service through stack consumption via specially crafted BDAT commands. It affects Exim installations that accept BD...

CVE-2024-39929

MEDIUM CVSS 5.4 Jul 4, 2024

This vulnerability in Exim mail servers allows attackers to bypass filename extension filtering by using specially crafted multiline RFC 2231 headers. Attackers can deliver executable attachments that...