Lucene search
K

2186 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 has an improper restriction on write operations within the bounds of a memory buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands...

9.8CVSS7.6AI score0.03017EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 has an improper initialization issue that can lead to recursive stack consumption or other consequences. This occurs because the use of certain getc functions is handled incorrectly when a client uses BDAT instead of DATA...

7.5CVSS7.6AI score0.61664EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed Use After Free in smtpreset in certain situations that might be common in builds using OpenSSL...

9.8CVSS7.7AI score0.5675EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in exim4

Exim 4.98 before 4.98.1 allowed remote SQL injection when SQLite hints and ETRN serialization were used. Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations...

9.8CVSS8.2AI score0.75782EPSS
Exploits6References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 has an improper neutralization of line delimiters, which is relevant in non-default configurations that enable Delivery Status Notification DSN. Certain uses of ORCPT= can insert a new line into a spool header file, thereby indirectly allowing unauthenticated remote attackers...

9.8CVSS7.3AI score0.09251EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow, because getstdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: Exploitation may be impractical due to the execution time required to cause an overflow multiple days...

7.8CVSS7.9AI score0.00464EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed Buffer Underwrite, which could allow unauthenticated remote attackers to execute arbitrary commands. This is because smtpungetc was only intended for pushing back characters, but it can actually be used to push back non-character error codes, such as EOF...

9.8CVSS8.2AI score0.04153EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in exim4

Exim before version 4.95 has a heap-based buffer overflow for the alias list in hostnamelookup in host.c when senderhostname is set...

9.8CVSS8.6AI score0.0292EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in exim4

A vulnerability was discovered in Exim and has been classified as problematic. This issue affects certain aspects of the component Regex Handler’s processing. The vulnerability results in memory leaks after the component is freed from memory. The name of the patch is...

7.5CVSS6.2AI score0.03661EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allows out-of-bounds write-ups, because the main function, while having setuid root, copies the current working directory pathname into a buffer that is too small on some common platforms...

7.8CVSS7.3AI score0.00414EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in exim4

Exim version 4.93 has a buffer overflow issue in the SPA authenticator, which could lead to bypassing SPA/NTLM authentication in the files auths/spa.c and auths/auth-spa.c...

7.5CVSS7.6AI score0.04553EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkimfinishbodyhash does not validate the relationship between sig-bodyhash.len and b-bh.len; thus, a crafted DKIM-Signature header might lead to the leakage of sensitive information from process memory...

7.5CVSS7.6AI score0.02764EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed out-of-bounds read vulnerabilities. The smtpsetupmsg function may disclose sensitive information from the process memory to an unauthenticated SMTP client...

7.5CVSS7.5AI score0.02606EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 has an improper neutralization of line delimiters. An authenticated remote SMTP client can insert newline characters into a spool file which indirectly leads to remote code execution as root via the AUTH= parameter in the MAIL FROM command...

9CVSS7.6AI score0.04139EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed a heap-based buffer overflow in the queuerun function, through two sender options: -R and -S. This could lead to privilege escalation from the exim user to the root user...

7.8CVSS6.9AI score0.00393EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-45185

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends...

9.8CVSS6.2AI score0.01225EPSS
Exploits2References2
GithubExploit
GithubExploit
added 2026/05/19 4:26 p.m.272 views

Exploit for CVE-2026-45185

CVE-2026-45185 Nuclei Template Validation Lab This repository...

9.8CVSS6.1AI score0.01225EPSS
Exploits2
hivepro
hivepro
added 2026/05/15 2:37 p.m.9 views

The Machine Found It First. The Machine Will Exploit It Next.

& For decades, the question behind every CVE has been "who found it, and how fast can attackers catch up?" As of May 12, 2026, the question has flipped. Machines found the bug. Machines will weaponize the next one. The race is no longer human-versus-human with a stopwatch. Discovery Discovery...

9.8CVSS6.3AI score0.01225EPSS
Exploits2
NCSC
NCSC
added 2026/05/15 12:8 p.m.16 views

The vulnerability was exploited in Exim.

The developers of Exim introduced a vulnerability in the Exim Mail Transfer Agent versions prior to 4.99.3. This vulnerability involves a use-after-free in the BDAT body parsing process, specifically when certain GnuTLS backend configurations are used. An unauthorized attacker can exploit this...

9.8CVSS6.4AI score0.01225EPSS
Exploits2References4
OSV
OSV
added 2026/05/13 4:48 p.m.7 views

CLSA-2026-1778690918 exim: Fix of CVE-2026-40686

CVE-2026-40686: out-of-bounds read in the GETUTF8INC macro in src/expand.c when processing malformed UTF-8 in expansion operators with utf8 enabled, potentially disclosing heap data via SMTP rejection messages...

5.3CVSS6AI score0.00246EPSS
Exploits0References1
Rows per page
Query Builder