FAIL › dossier
Exim vendor
5
failure events
0
zero-days
5
RCEs
5
on KEV
1
critical
95
worst shame
Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.
Failure history 8 events
| Date | Event | Sev | Flags | Shame | Summary |
|---|---|---|---|---|---|
| 2021-11-03 | CVE-2018-6789 | critical | ⚡RCE ⌖KEV | 95 | Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution. |
| 2021-11-03 | CVE-2018-6789 | critical | ⚡RCE ⌖KEV | 95 | Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution. |
| 2022-03-25 | CVE-2010-4344 | high | ⚡RCE ⌖KEV | 65 | Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session. |
| 2022-03-25 | CVE-2010-4344 | high | ⚡RCE ⌖KEV | 65 | Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session. |
| 2022-03-25 | CVE-2010-4345 | high | ⚡RCE ⌖KEV | 65 | Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands. |
| 2022-03-25 | CVE-2010-4345 | high | ⚡RCE ⌖KEV | 65 | Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands. |
| 2022-03-03 | CVE-2019-16928 | high | ⚡RCE ⌖KEV | 65 | Exim contains an out-of-bounds write vulnerability which can allow for remote code execution. |
| 2022-01-10 | CVE-2019-10149 | high | ⚡RCE ⌖KEV | 65 | Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. |