FAIL › dossier

Exim vendor

5
failure events
0
zero-days
5
RCEs
5
on KEV
1
critical
95
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 8 events

DateEventSevFlagsShameSummary
2021-11-03 CVE-2018-6789 critical ⚡RCE ⌖KEV 95 Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.
2021-11-03 CVE-2018-6789 critical ⚡RCE ⌖KEV 95 Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.
2022-03-25 CVE-2010-4344 high ⚡RCE ⌖KEV 65 Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.
2022-03-25 CVE-2010-4344 high ⚡RCE ⌖KEV 65 Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.
2022-03-25 CVE-2010-4345 high ⚡RCE ⌖KEV 65 Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.
2022-03-25 CVE-2010-4345 high ⚡RCE ⌖KEV 65 Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.
2022-03-03 CVE-2019-16928 high ⚡RCE ⌖KEV 65 Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.
2022-01-10 CVE-2019-10149 high ⚡RCE ⌖KEV 65 Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.