Opensmtpd

Vendor: Opensmtpd • 6 CVEs

CVEs (6)

CVE | VENDORS | PRODUCTS | UPDATED | PUBLISHED | CVSS
Vendors (2): Opensmtpd, Opensuse
Products (2): Opensmtpd, Tumbleweed
Updated: Jan 15, 2026
Published: Nov 20, 2025
CVSS v4: 6.9 MEDIUM; v3: 5.5 MEDIUM; v2: N/A
An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD. This issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1.

Vendors (2): Openbsd, Opensmtpd
Products (2): Openbsd, Opensmtpd
Updated: Nov 4, 2025
Published: Apr 4, 2023
CVSS v4: N/A; v3: 7.8 HIGH; v2: N/A
ascii_load_sockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address.

Vendors (2): Fedoraproject, Opensmtpd
Products (2): Fedora, Opensmtpd
Updated: Nov 21, 2024
Published: Dec 24, 2020
CVSS v4: N/A; v3: 7.5 HIGH; v2: 5.0 MEDIUM
smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between the SMTP engine and the filters layer.

Vendors (2): Fedoraproject, Opensmtpd
Products (2): Fedora, Opensmtpd
Updated: Nov 21, 2024
Published: Dec 24, 2020
CVSS v4: N/A; v3: 7.5 HIGH; v2: 5.0 MEDIUM
smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory leak via messages to an instance that performs many regex lookups.

Vendors (4): Canonical, Debian, Fedoraproject, +1 more
Products (4): Debian Linux, Fedora, Opensmtpd, +1 more
Updated: Nov 21, 2024
Published: Feb 25, 2020
CVSS v4: N/A; v3: 9.8 CRITICAL; v2: 10.0 HIGH
OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client code during bounce handling.

Vendors (3): Canonical, Fedoraproject, Opensmtpd
Products (3): Fedora, Opensmtpd, Ubuntu Linux
Updated: Nov 21, 2024
Published: Feb 25, 2020
CVSS v4: N/A; v3: 4.7 MEDIUM; v2: 4.7 MEDIUM
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.