This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
316b3c3e-0e98-11e8-8d41-97657151f8c2 | exim -- a buffer overflow vulnerability, remote code execution Exim developers report:
Discovery 2018-02-05 Entry 2018-02-10 exim < 4.90.1 https://exim.org/static/doc/security/CVE-2018-6789.txt |
36594c54-7be7-11e0-9838-0022156e8794 | Exim -- remote code execution and information disclosure Release notes for Exim 4.76 says:
Also, impact assessment was redone shortly after the original announcement:
Discovery 2011-05-10 Entry 2011-05-14 exim ge 4.70 lt 4.76 CVE-2011-1764 CVE-2011-1407 https://lists.exim.org/lurker/message/20110512.102909.8136175a.en.html http://bugs.exim.org/show_bug.cgi?id=1106 |
3e0da406-aece-11e9-8d41-97657151f8c2 | Exim -- RCE in ${sort} expansion Exim team report:
Discovery 2019-07-18 Entry 2019-07-25 Modified 2019-07-26 exim ge 4.85 lt 4.92.1 CVE-2019-13917 https://www.exim.org/static/doc/security/CVE-2019-13917.txt |
44ccfab0-3564-11e0-8e81-0022190034c0 | exim -- local privilege escalation exim.org reports:
Discovery 2011-01-31 Entry 2011-02-10 exim exim-ldap exim-ldap2 exim-mysql exim-postgresql exim-sa-exim < 4.74 CVE-2011-0017 ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.74 |
45bea6b5-8855-11e9-8d41-97657151f8c2 | Exim -- RCE in deliver_message() function Exim team and Qualys report:
Discovery 2019-05-27 Entry 2019-06-06 exim ge 4.87 lt 4.92 CVE-2019-10149 https://www.exim.org/static/doc/security/CVE-2019-10149.txt |
5f29c2e4-9f6a-11d8-abbc-00e08110b673 | exim buffer overflow when verify = header_syntax is used A remote exploitable buffer overflow has been discovered in exim when verify = header_syntax is used in the configuration file. This does not affect the default configuration. Discovery 2004-05-06 Entry 2004-05-06 exim exim-ldap2 exim-mysql exim-postgresql < 4.33+20_1 http://www.guninski.com/exim1.html CVE-2004-0400 |
61db9b88-d091-11e9-8d41-97657151f8c2 | Exim -- RCE with root privileges in TLS SNI handler Exim developers report:
Discovery 2019-09-02 Entry 2019-09-06 exim < 4.92.2 https://git.exim.org/exim.git/blob_plain/2600301ba6dbac5c9d640c87007a07ee6dcea1f4:/doc/doc-txt/cve-2019-15846/cve.txt |
68b29058-d348-11e7-b9fe-c13eb7bcbf4f | exim -- remote code execution, deny of service in BDAT Exim team reports:
Discovery 2017-11-23 Entry 2017-11-27 exim ge 4.88 lt 4.89_2 https://bugs.exim.org/show_bug.cgi?id=2199 |
75dd622c-d5fd-11e7-b9fe-c13eb7bcbf4f | exim -- remote DoS attack in BDAT processing Exim developers team reports:
Discovery 2017-11-23 Entry 2017-11-30 exim ge 4.88 lt 4.89.1 https://bugs.exim.org/show_bug.cgi?id=2199 CVE-2017-16944 |
7d09b9ee-e0ba-11e5-abc4-6fb07af136d2 | exim -- local privillege escalation The Exim development team reports:
Discovery 2016-02-26 Entry 2016-03-02 exim < 4.86.2 < 4.85.2 < 4.84.2 CVE-2016-1531 https://lists.exim.org/lurker/message/20160302.191005.a72d8433.en.html |
8c1a271d-56cf-11e7-b9fe-c13eb7bcbf4f | exim -- Privilege escalation via multiple memory leaks Qualsys reports:
Discovery 2017-06-19 Entry 2017-06-21 exim < 4.89_1 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000369 |
b0f3ab1f-1f3b-11e2-8fe9-0022156e8794 | Exim -- remote code execution This vulnerability affects Exim instances built with DKIM enabled (this is the default for FreeBSD Exim port) and running verification of DKIM signatures on the incoming mail messages. Phil Penncock reports:
Discovery 2012-10-25 Entry 2012-10-26 exim ge 4.70 lt 4.80.1 CVE-2012-5671 https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html |
ca9ce879-5ebb-11d9-a01c-0050569f0001 | exim -- two buffer overflow vulnerabilities 1. The function host_aton() can overflow a buffer if it is presented with an illegal IPv6 address that has more than 8 components. 2. The second report described a buffer overflow in the function spa_base64_to_bits(), which is part of the code for SPA authentication. Discovery 2005-01-05 Entry 2005-01-05 Modified 2005-01-18 exim exim-ldap exim-ldap2 exim-mysql exim-postgresql exim-sa-exim < 4.43+28_1 http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html http://marc.theaimsgroup.com/?l=bugtraq&m=110573573800377 CVE-2005-0021 CVE-2005-0022 12185 12188 12268 |
e4fcf020-0447-11e0-becc-0022156e8794 | exim -- local privilege escalation David Woodhouse reports:
Discovery 2010-12-10 Entry 2011-01-08 exim < 4.73 CVE-2010-4345 http://www.exim.org/lurker/message/20101209.022730.dbb6732d.en.html https://bugzilla.redhat.com/show_bug.cgi?id=661756#c3 |
e7002b26-caaa-11e6-a76a-9f7324e5534e | exim -- DKIM private key leak The Exim project reports:
Discovery 2016-12-15 Entry 2016-12-25 exim gt 4.69 lt 4.87.1 https://exim.org/static/doc/CVE-2016-9963.txt CVE-2016-9963 |
e917caba-e291-11e9-89f1-152fed202bb7 | Exim -- heap-based buffer overflow in string_vformat leading to RCE Exim developers team report:
Discovery 2019-09-28 Entry 2019-09-29 exim ge 4.92 lt 4.92.3 https://www.openwall.com/lists/oss-security/2019/09/28/1 |