Search CVE reports


Toggle filters

1 – 10 of 62 results


CVE-2024-39929

Medium priority

Some fixes available 5 of 6

Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of...

1 affected package

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-42118

Medium priority
Vulnerable

Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to...

2 affected packages

exim4, libspf2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
libspf2 Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2023-51766

Medium priority

Some fixes available 7 of 9

Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an...

1 affected package

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-42119

Medium priority
Fixed

Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to...

1 affected package

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-42117

Medium priority
Fixed

Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to...

1 affected package

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-42116

Medium priority
Fixed

Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit...

1 affected package

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-42115

Medium priority
Fixed

Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit...

1 affected package

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Not affected Not affected
Show less packages

CVE-2023-42114

Medium priority
Fixed

Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit...

1 affected package

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-3620

Negligible priority
Not affected

A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack may...

1 affected package

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Not affected Not affected Not affected Not affected
Show less packages

CVE-2022-3559

Medium priority
Fixed

A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch...

1 affected package

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Not affected
Show less packages