mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n.

MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.