Search CVE reports
1 – 10 of 62 results
CVE-2024-39929
Medium prioritySome fixes available 5 of 6
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of...
1 affected package
exim4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
exim4 | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2023-42118
Medium priorityExim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to...
2 affected packages
exim4, libspf2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
exim4 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
libspf2 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2023-51766
Medium prioritySome fixes available 7 of 9
Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an...
1 affected package
exim4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
exim4 | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2023-42119
Medium priorityExim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to...
1 affected package
exim4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
exim4 | — | Fixed | Fixed | Fixed | Fixed |
CVE-2023-42117
Medium priorityExim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to...
1 affected package
exim4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
exim4 | — | Fixed | Fixed | Fixed | Fixed |
CVE-2023-42116
Medium priorityExim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit...
1 affected package
exim4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
exim4 | — | Fixed | Fixed | Fixed | Fixed |
CVE-2023-42115
Medium priorityExim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit...
1 affected package
exim4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
exim4 | — | Fixed | Fixed | Not affected | Not affected |
CVE-2023-42114
Medium priorityExim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit...
1 affected package
exim4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
exim4 | — | Fixed | Fixed | Fixed | Fixed |
CVE-2022-3620
Negligible priorityA vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack may...
1 affected package
exim4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
exim4 | — | Not affected | Not affected | Not affected | Not affected |
CVE-2022-3559
Medium priorityA vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch...
1 affected package
exim4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
exim4 | — | Fixed | Fixed | Fixed | Not affected |