
74 matches found

AstraLinux
added 2026/05/20 5:53 a.m. · 5 views

Astra Linux - vulnerability in exim4

Exim 4 before 4.94.2 allows Heap-based Buffer Overflows because it mishandles the "-F '.'" syntax on the command line. This may allow privilege escalation from any user to root. This issue occurs due to the incorrect interpretation of negative sizes in the strncpy function...

CVSS 7.8 · AI score 7.1 · EPSS 0.00049
Exploits: 1 · References: 1
RedhatCVE
added 2025/05/22 3:26 p.m. · 4 views

CVE-2020-28019

Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA...

CVSS 7.5 · AI score 7.5 · EPSS 0.01574
Exploits: 1
SUSE CVE
added 2023/02/15 3:52 a.m. · 2 views

SUSE CVE-2020-28016

Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase...

CVSS 7.8 · AI score 7.9 · EPSS 0.00047
Exploits: 1 · References: 6
OSV
added 2021/08/10 3:15 p.m. · 0 views

UBUNTU-CVE-2021-38371

The STARTTLS feature in Exim through 4.94.2 allows response injection buffering during MTA SMTP sending...

CVSS 7.5 · AI score 7.3 · EPSS 0.02209
Exploits: 0 · References: 5
Positive Technologies
added 2021/08/10 12:0 a.m. · 1 views

PT-2021-7698 · Exim +4 · Exim +4

Name of the Vulnerable Software and Affected Versions: Exim versions through 4.94.2
Description: The issue is related to the STARTTLS feature in Exim, which allows response injection during MTA SMTP sending. This is due to insufficient neutralization of special elements in the request. The...

CVSS 9.8 · AI score 6.5 · EPSS 0.19257
Exploits: 3 · References: 43
OPENSUSE Linux
added 2021/05/20 12:0 a.m. · 68 views

Security update for exim (critical)

openSUSE Security Update: Security update for exim
Announcement ID: openSUSE-SU-2021:0754-1
Rating: critical
References: 1079832 1171490 1171877 1173693 1185631
Cross-References: CVE-2017-1000369 CVE-2017-16943 CVE-2017-16944 CVE-2018-6789 CVE-2019-16928 CVE-2020-12783 CVE-2020-28007 CVE-2020-280...

CVSS 9.8 · AI score 8.4 · EPSS 0.9031
Exploits: 34 · References: 5
NVD
added 2021/05/06 1:15 p.m. · 20 views

CVE-2021-27216

Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options...

CVSS 6.3 · EPSS 0.00057
Exploits: 4 · References: 1
NVD
added 2021/05/06 1:15 p.m. · 22 views

CVE-2020-28021

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file which indirectly leads to remote code execution as root via AUTH= in a MAIL FROM command...

CVSS 9 · EPSS 0.05711
Exploits: 1 · References: 1
OSV
added 2021/05/06 1:15 p.m. · 19 views

CVE-2020-28015

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...

CVSS 7.8 · AI score 9.5 · EPSS 0.00041
Exploits: 1 · References: 1
NVD
added 2021/05/06 1:15 p.m. · 20 views

CVE-2020-28016

Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase...

CVSS 7.8 · EPSS 0.00047
Exploits: 1 · References: 1
OSV
added 2021/05/06 1:15 p.m. · 30 views

CVE-2020-28016

Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase...

CVSS 7.8 · AI score 6.8 · EPSS 0.00047
Exploits: 1 · References: 1
OSV
added 2021/05/06 1:15 p.m. · 32 views

CVE-2020-28021

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file which indirectly leads to remote code execution as root via AUTH= in a MAIL FROM command...

CVSS 8.8 · AI score 9.6 · EPSS 0.05711
Exploits: 1 · References: 1
NVD
added 2021/05/06 1:15 p.m. · 21 views

CVE-2020-28019

Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA...

CVSS 7.5 · EPSS 0.01574
Exploits: 1 · References: 1
NVD
added 2021/05/06 1:15 p.m. · 16 views

CVE-2020-28011

Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S. This may cause privilege escalation from exim to root...

CVSS 7.8 · EPSS 0.00049
Exploits: 1 · References: 1
NVD
added 2021/05/06 1:15 p.m. · 15 views

CVE-2020-28023

Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client...

CVSS 7.5 · EPSS 0.0298
Exploits: 1 · References: 1
NVD
added 2021/05/06 1:15 p.m. · 13 views

CVE-2020-28025

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->bodyhash.len and b->bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory...

CVSS 7.5 · EPSS 0.01407
Exploits: 1 · References: 1
NVD
added 2021/05/06 1:15 p.m. · 20 views

CVE-2020-28017

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption...

CVSS 9.8 · EPSS 0.03214
Exploits: 1 · References: 1
OSV
added 2021/05/06 1:15 p.m. · 18 views

CVE-2020-28013

Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.'" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy...

CVSS 7.8 · AI score 9.7 · EPSS 0.00049
Exploits: 1 · References: 1
OSV
added 2021/05/06 1:15 p.m. · 21 views

CVE-2020-28012

Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rda_interpret uses a privileged pipe that lacks a close-on-exec flag...

CVSS 7.8 · AI score 9.3 · EPSS 0.00046
Exploits: 1 · References: 1
OSV
added 2021/05/06 1:15 p.m. · 17 views

CVE-2020-28011

Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S. This may cause privilege escalation from exim to root...

CVSS 7.8 · AI score 9.6 · EPSS 0.00049
Exploits: 1 · References: 1