Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

21 – 30 of 62 results


CVE-2020-28020

Medium priority
Fixed

Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction.

1 affected packages

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Not affected Not affected Fixed Fixed
Show less packages

CVE-2020-28019

Medium priority
Fixed

Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA.

1 affected packages

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Not affected
Show less packages

CVE-2020-28018

Medium priority
Fixed

Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.

1 affected packages

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Not affected
Show less packages

CVE-2020-28017

Medium priority
Fixed

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption.

1 affected packages

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-28016

Medium priority
Fixed

Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase.

1 affected packages

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Not affected Not affected Not affected
Show less packages

CVE-2020-28015

Medium priority
Fixed

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character.

1 affected packages

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-28014

Medium priority
Fixed

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten.

1 affected packages

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-28013

Medium priority
Fixed

Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes...

1 affected packages

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-28012

Medium priority
Fixed

Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rda_interpret uses a privileged pipe that lacks a close-on-exec flag.

1 affected packages

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-28011

Medium priority
Fixed

Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S. This may cause privilege escalation from exim to root.

1 affected packages

exim4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
exim4 Fixed Fixed Fixed Fixed
Show less packages