Vulnerabilities > Exim > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-24 | CVE-2023-51766 | Insufficient Verification of Data Authenticity vulnerability in multiple products Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. | 5.3 |
| 2021-05-06 | CVE-2020-28014 | Improper Privilege Management vulnerability in Exim Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. | 6.1 |
| 2021-05-06 | CVE-2021-27216 | Race Condition vulnerability in Exim Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. | 6.3 |
| 2017-06-19 | CVE-2017-1000369 | Improper Resource Shutdown or Release vulnerability in multiple products Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. | 4.0 |
| 2017-02-01 | CVE-2016-9963 | Key Management Errors vulnerability in multiple products Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages. | 5.9 |