10 matches found
CVE-2025-6437
CVE-2025-6437 affects the WordPress plugin "Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager". Vulnerable in all versions up to 4.89 due to insufficient escaping of the user-supplied parameter and inadequate SQL query preparation for the oid input, allowing unauthenticated attackers t...
CVE-2024-47531
Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and...
Debian DLA-2650-1 : exim4 security update
The Qualys Research Labs reported several vulnerabilities in Exim, a mail transport agent, which could result in local privilege escalation and remote code execution. Details can be found in the Qualys advisory at https://www.qualys.com/2021/05/04/21nails/21nails.txt For Debian 9 stretch, these...
Exim Denial of Service Vulnerability
Exim is an open source messaging agent MTA developed by the University of Cambridge in the UK that runs on Unix systems and is responsible for routing, forwarding and delivering mail. A security vulnerability exists in the 'receivemsg' function of the receive.c file of the SMTP daemon in Exim...
Exim Multiple RCE Vulnerabilities
Exim is prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:exim:exim"; ...
Debian DSA-3888-1 : exim4 - security update (Stack Clash)
The Qualys Research Labs discovered a memory leak in the Exim mail transport agent. This is not a security vulnerability in Exim by itself, but can be used to exploit a vulnerability in stack handling. For the full details, please refer to their advisory published at:...
CVE-2017-1000369
Exim supports the use of multiple "-p" command line arguments which are malloc'ed and never free'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch...
CVE-2017-1000369
Exim supports the use of multiple "-p" command line arguments which are malloc'ed and never free'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch...
Debian Security Advisory DSA 3888-1 (exim4 - security update)
The Qualys Research Labs discovered a memory leak in the Exim mail transport agent. This is not a security vulnerability in Exim by itself, but can be used to exploit a vulnerability in stack handling. OpenVAS Vulnerability Test $Id: deb3888.nasl 6618 2017-07-07 14:17:52Z cfischer $ Auto-generate...
exim -- Privilege escalation via multiple memory leaks
Qualsys reports: Exim supports the use of multiple "-p" command line arguments which are malloc'ed and never free'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has...