Vulnerabilities > Exim > Exim > 4.94
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-24 | CVE-2023-51766 | Insufficient Verification of Data Authenticity vulnerability in multiple products Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. | 5.3 |
| 2022-08-07 | CVE-2022-37452 | Out-of-bounds Write vulnerability in multiple products Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set. | 9.8 |
| 2022-08-06 | CVE-2022-37451 | Release of Invalid Pointer or Reference vulnerability in multiple products Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc. | 7.5 |
| 2021-05-06 | CVE-2020-28017 | Integer Overflow or Wraparound vulnerability in Exim Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. | 9.8 |