Remote Code Execution in Exim from (4.92 through 4.92.2)

Overview :
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Affected Product(s) :
  • Exim 4.92 through 4.92.2
Vulnerability Details :
CVE ID : CVE-2019-16928
Heap-based buffer overflow in string_vformat, remote code execution seems to be possible

Solution :

** Exim 4.92.3 released (security release) **

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-3270 : FESTO VTEM-S1 INSUFFICIENT TECHNICAL DOCUMENTATION

CVE-2022-3270 : FESTO VTEM-S1 INSUFFICIENT TECHNICAL DOCUMENTATION

Description In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead

CVE-2022-4221 : ASUS NAS-M25 UP TO 1.0.1.7 COOKIE OS COMMAND INJECTION

CVE-2022-4221 : ASUS NAS-M25 UP TO 1.0.1.7 COOKIE OS COMMAND INJECTION

Description Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability in Asus NAS-M25 allows an

CVE-2022-45045 : XIONGMAI MBD6304T/NBD6808T-PL JSON FILE DESERIALIZATION

CVE-2022-45045 : XIONGMAI MBD6304T/NBD6808T-PL JSON FILE DESERIALIZATION

Description Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root,