Lucene search
K

13 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 has an improper neutralization of line delimiters, which is relevant in non-default configurations that enable Delivery Status Notification DSN. Certain uses of ORCPT= can insert a new line into a spool header file, thereby indirectly allowing unauthenticated remote attackers...

9.8CVSS7.3AI score0.09285EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.1 views

EUVD-2020-20517

Malware in sbrugna...

9.8CVSS7.8AI score0.09285EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2004-2080

Malware in sbrugna...

5CVSS6.4AI score0.06892EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/08/05 12:0 a.m.87 views

Amazon Linux AMI : exim (ALAS-2022-1622)

The version of exim installed on the remote host is prior to 4.92-1.33. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1622 advisory. Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory owned ...

9.8CVSS8.5AI score0.61061EPSS
Exploits6References31
NVD
NVD
added 2021/05/06 1:15 p.m.15 views

CVE-2020-28026

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification DSN. Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary...

9.8CVSS0.09285EPSS
Exploits1References1
OSV
OSV
added 2021/05/06 1:15 p.m.1 views

DEBIAN-CVE-2020-28026

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification DSN. Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary...

9.8CVSS8.2AI score0.09285EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2021/05/06 4:41 a.m.48 views

CVE-2020-28026

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification DSN. Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary...

9.8CVSS8.6AI score0.09285EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2021/05/06 4:41 a.m.71 views

CVE-2020-28026

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification DSN. Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary...

9.8CVSS8.4AI score0.09285EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2021/05/06 12:0 a.m.59 views

Ubuntu 16.04 ESM : Exim vulnerabilities (USN-4934-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4934-2 advisory. USN-4934-1 fixed several vulnerabilities in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2020-28026...

9.8CVSS7.8AI score0.36071EPSS
Exploits6References17
UbuntuCve
UbuntuCve
added 2021/05/04 1:30 p.m.108 views

CVE-2020-28026

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification DSN. Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary...

9.8CVSS7.2AI score0.09285EPSS
Exploits1References3
OSV
OSV
added 2021/05/04 1:30 p.m.2 views

UBUNTU-CVE-2020-28026

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification DSN. Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary...

9.8CVSS7.2AI score0.09285EPSS
Exploits1References4
CVE
CVE
added 2005/05/19 4:0 a.m.50 views

CVE-2004-2088

Sophos Anti-Virus 3.78 is affected. The vulnerability allows remote attackers to bypass the virus scan by crafting a qmail-generated Delivery Status Notification (DSN) that omits the original email in the bounce message. The core issue is the DSN handling during bounce processing, enabling bypass...

5CVSS7.1AI score0.06892EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2005/05/19 4:0 a.m.18 views

CVE-2004-2088

Sophos Anti-Virus 3.78 allows remote attackers to bypass virus scanning by using a qmail generated Delivery Status Notification DSN where the original email is not included in the bounce message...

6.7AI score0.06892EPSS
Exploits0References5
Rows per page
Query Builder