Known Vulnerabilities for products from Exim
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Exim".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs; each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-51766 | | 5.3 - MEDIUM | 2023-12-24 | 2024-02-02 |
| CVE-2022-37452 | Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is s... | 9.8 - CRITICAL | 2022-08-07 | 2022-10-28 |
| CVE-2022-37451 | Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc. | 7.5 - HIGH | 2022-08-06 | 2023-11-07 |
| CVE-2022-3620 | A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file... | 9.8 - CRITICAL | 2022-10-20 | 2023-11-07 |
| CVE-2022-3559 | A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component ... | 7.5 - HIGH | 2022-10-17 | 2023-11-07 |
| CVE-2021-38371 | The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending. | 7.5 - HIGH | 2021-08-10 | 2021-08-20 |
| CVE-2021-27216 | Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a delete_pid_file race condition, a local user ... | 6.3 - MEDIUM | 2021-05-06 | 2022-06-28 |
| CVE-2020-28026 | Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Deliv... | 9.8 - CRITICAL | 2021-05-06 | 2022-07-12 |
| CVE-2020-28025 | Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->... | 7.5 - HIGH | 2021-05-06 | 2021-05-10 |
| CVE-2020-28024 | Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary command... | 9.8 - CRITICAL | 2021-05-06 | 2022-06-28 |
| CVE-2020-28023 | Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an u... | 7.5 - HIGH | 2021-05-06 | 2021-05-10 |
| CVE-2020-28022 | Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when proc... | 9.8 - CRITICAL | 2021-05-06 | 2022-06-28 |
| CVE-2020-28021 | Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline c... | 8.8 - HIGH | 2021-05-06 | 2021-05-10 |
| CVE-2020-28020 | Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitr... | 9.8 - CRITICAL | 2021-05-06 | 2022-06-28 |
| CVE-2020-28019 | Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. Th... | 7.5 - HIGH | 2021-05-06 | 2021-05-10 |
| CVE-2020-28018 | Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL. | 9.8 - CRITICAL | 2021-05-06 | 2021-05-26 |
| CVE-2020-28017 | Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty mil... | 9.8 - CRITICAL | 2021-05-06 | 2022-10-04 |
| CVE-2020-28016 | Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase. | 7.8 - HIGH | 2021-05-06 | 2021-05-10 |
| CVE-2020-28015 | Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes bec... | 7.8 - HIGH | 2021-05-06 | 2021-05-10 |
| CVE-2020-28014 | Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a... | 6.1 - MEDIUM | 2021-05-06 | 2022-07-12 |
Known software with vulnerabilities from Exim
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Exim | Exim | 2.10 |