Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedora directory server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2024-23334
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determi...
Aiohttp Aiohttp
Fedoraproject Fedora 39
6 Github repositories
1 Article
9.8
CVSSv3
CVE-2023-3961
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, whic...
Samba Samba
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Redhat Enterprise Linux Eus 9.0
Fedoraproject Fedora 39
6.5
CVSSv3
CVE-2023-42670
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes ...
Samba Samba
Fedoraproject Fedora 39
9.8
CVSSv3
CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 byte...
Haxx Libcurl
Fedoraproject Fedora 37
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows 10 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows 10 21h2
9 Github repositories
2 Articles
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
8.1
CVSSv3
CVE-2023-39323
Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build"...
Golang Go
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
5.5
CVSSv3
CVE-2023-20588
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Amd Epyc 7351p Firmware -
Amd Epyc 7401p Firmware -
Amd Epyc 7551p Firmware -
Amd Epyc 7251 Firmware -
Amd Epyc 7261 Firmware -
Amd Epyc 7281 Firmware -
Amd Epyc 7301 Firmware -
Amd Epyc 7351 Firmware -
Amd Epyc 7371 Firmware -
Amd Epyc 7401 Firmware -
Amd Epyc 7451 Firmware -
Amd Epyc 7501 Firmware -
Amd Epyc 7551 Firmware -
Amd Epyc 7571 Firmware -
Amd Epyc 7601 Firmware -
Amd Ryzen 5 Pro 3400g Firmware -
Amd Ryzen 5 3400g Firmware -
Amd Ryzen 5 Pro 3400ge Firmware -
Amd Ryzen 5 Pro 3350g Firmware -
1 Article
7.8
CVSSv3
CVE-2023-4147
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.
Linux Linux Kernel 6.5
Linux Linux Kernel
Fedoraproject Fedora 38
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux For Real Time For Nfv 9.0
Redhat Enterprise Linux For Real Time 9.0
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
8.8
CVSSv3
CVE-2023-27533
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an malicious user to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an ma...
Haxx Curl
Fedoraproject Fedora 36
Netapp Active Iq Unified Manager -
Netapp Clustered Data Ontap 9.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
8.8
CVSSv3
CVE-2023-27534
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's h...
Haxx Curl
Fedoraproject Fedora 36
Netapp Active Iq Unified Manager -
Broadcom Brocade Fabric Operating System Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »