CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2010-4345	High	4.0%	EximExim	Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.	Mar 25, 2022	KEV
CVE-2010-4344	High	61.5%	EximExim	Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.	Mar 25, 2022	KEV
CVE-2019-16928	High	89.8%	EximExim Internet Mailer	Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.	Mar 3, 2022	KEV
CVE-2019-10149	High	94.0%	EximMail Transfer Agent (MTA)	Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.	Jan 10, 2022	KEV
CVE-2018-6789	High	86.4%	EximExim	Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.	Nov 3, 2021	KEV

CVE-2010-4345KEV

High

Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.

EximEPSS 4.0%

CVE-2010-4344KEV

High

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.

EximEPSS 61.5%

CVE-2019-16928KEV

High

Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.

EximEPSS 89.8%

CVE-2019-10149KEV

High

Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

EximEPSS 94.0%

CVE-2018-6789KEV

High

Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.

EximEPSS 86.4%