| Max CVSS | 10.0 | Min CVSS | 4.7 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-7247 | 10.0 |
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This
|
16-07-2024 - 17:40 | 29-01-2020 - 16:15 | |
| CVE-2020-8794 | 10.0 |
OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the se
|
08-10-2022 - 02:48 | 25-02-2020 - 17:15 | |
| CVE-2020-8793 | 4.7 |
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.
|
01-01-2022 - 19:30 | 25-02-2020 - 17:15 |