Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 1.3 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-32221
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This f...
Haxx Curl
Netapp Clustered Data Ontap -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
9.8
CVSSv3
CVE-2022-32207
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the t...
Haxx Curl
Fedoraproject Fedora 35
Debian Debian Linux 11.0
Netapp Element Software -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
9.8
CVSSv3
CVE-2020-11651
An issue exists in SaltStack Salt prior to 2019.2.4 and 3000 prior to 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user toke...
Saltstack Salt
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Vmware Application Remote Collector 8.0.0
Vmware Application Remote Collector 7.5.0
17 Github repositories
4 Articles
9.8
CVSSv3
CVE-2020-1938
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exp...
Apache Tomcat
Apache Geode 1.12.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Instantis Enterprisetrack
Oracle Mysql Enterprise Monitor
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
57 Github repositories
1 Article
9.8
CVSSv3
CVE-2019-7164
SQLAlchemy up to and including 1.2.17 and 1.3.x up to and including 1.3.0b2 allows SQL Injection via the order_by parameter.
Sqlalchemy Sqlalchemy 1.3.0
Sqlalchemy Sqlalchemy
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
1 Github repository
9.8
CVSSv3
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla Firefox
Apple Mac Os X
Suse Linux Enterprise Server 11
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mcafee Policy Auditor
Python Python
1 Article
9.1
CVSSv3
CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
Golang Go
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Beegfs Csi Driver -
Debian Debian Linux 9.0
3 Github repositories
9.1
CVSSv3
CVE-2021-22945
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.
Haxx Libcurl
Fedoraproject Fedora 33
Fedoraproject Fedora 35
Netapp Cloud Backup -
Netapp Clustered Data Ontap -
Oracle Mysql Server
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp Solidfire Baseboard Management Controller Firmware -
Apple Macos
Siemens Sinec Ins
Debian Debian Linux 11.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
8.8
CVSSv3
CVE-2022-44789
A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 up to and including 1.3.x prior to 1.3.2 allows an malicious user to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file.
Artifex Mujs
Debian Debian Linux 11.0
Fedoraproject Fedora 37
1 Github repository
8.8
CVSSv3
CVE-2021-45341
A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an malicious user to achieve Remote Code Execution using a crafted JWW document.
Librecad Librecad 2.2.0
Librecad Librecad
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »