USN-8382-1 exim4 vulnerabilities

Timo Longin discovered that Exim incorrectly handled certain SMTP messages in PIPELINING/CHUNKING configurations. A remote attacker could possibly use this issue to perform SMTP smuggling. This issue only affected Ubuntu 14.04 LTS. CVE-2023-51766 It was discovered that Exim incorrectly handled...

Debian dsa-6309 : exim4 - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6309 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6309-1 [email protected] https://www.debian.org/security/...

Astra Linux - уязвимость в exim4

A use-after-free exists in Exim 4.96 through 4.98.1, which could allow users with command-line access to escalate their privileges...

Astra Linux - уязвимость в exim4

Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected Exim installations. Authentication is not required to exploit this vulnerability. The specific flaw lies in the handling of NTLM...

Astra Linux - уязвимость в exim4

Exim NTLM Challenge Out-of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected Exim installations. Authentication is not required to exploit this vulnerability. The specific flaw lies in the handling of NTLM...

[SECURITY] [DLA 4580-1] exim4 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4580-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz May 12, 2026 https://wiki.debian.org/LTS -...

[SECURITY] [DSA 6265-1] exim4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6265-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 12, 2026 https://www.debian.org/security/faq -...

Debian dla-4580 : exim4 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4580 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4580-1 [email protected] https://www.debian.org/lts/security/...

Astra Linux - уязвимость в exim4

The STARTTLS feature in Exim up to 4.94.2 allows for response injection buffering during MTA SMTP sending...

Astra Linux - уязвимость в exim4

Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp...

Linux Distros Unpatched Vulnerability : CVE-2026-40684

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. Th...

Linux Distros Unpatched Vulnerability : CVE-2026-40685

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header,...

Linux Distros Unpatched Vulnerability : CVE-2026-40687

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the...

Linux Distros Unpatched Vulnerability : CVE-2026-40686

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present malformed UTF-8 header dat...

Ubuntu: Security Advisory (USN-7373-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5887-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5887-1] exim4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5887-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 26, 2025 https://www.debian.org/security/faq -...

Debian dsa-5887 : exim4 - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5887 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5887-1 [email protected] https://www.debian.org/security/...

DSA-5887-1 exim4 - security update

Bulletin has no description...

Debian dla-3708 : exim4 - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3708 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3708-1 [email protected] https://www.debian.org/lts/security/...