Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 27 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-16818
RADOS Gateway in Ceph 12.1.0 up to and including 12.2.1 allows remote authenticated users to cause a denial of service (assertion failure and application exit) by leveraging "full" (not necessarily admin) privileges to post an invalid profile to the admin API, related t...
Redhat Ceph
Fedoraproject Fedora 27
9.8
CVSSv3
CVE-2017-12170
Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-r...
Pureftpd Pure-ftpd 1.0.46-1
Fedoraproject Fedora 27
Fedoraproject Fedora 26
7.5
CVSSv3
CVE-2018-6003
An issue exists in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 prior to 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
Gnu Libtasn1
Fedoraproject Fedora 26
Debian Debian Linux 9.0
Fedoraproject Fedora 27
5.5
CVSSv3
CVE-2018-10196
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote malicious users to cause a denial of service (application crash) via a crafted file.
Graphviz Graphviz 2.40.1
Fedoraproject Fedora 27
Fedoraproject Fedora 28
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
9.8
CVSSv3
CVE-2019-10196
A flaw was found in http-proxy-agent, prior to version 2.1.0. It exists http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure throug...
Http-proxy-agent Project Http-proxy-agent
Fedoraproject Fedora 27
Redhat Software Collections -
Redhat Enterprise Linux 7.0
5.5
CVSSv3
CVE-2019-19451
When GNOME Dia prior to 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to di...
Gnome Dia
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
3.3
CVSSv3
CVE-2021-3574
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks.
Imagemagick Imagemagick 7.0.11-5
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
9.8
CVSSv3
CVE-2019-16928
Exim 4.92 up to and including 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Exim Exim
Canonical Ubuntu Linux 19.04
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
1 Article
6.5
CVSSv3
CVE-2019-13225
A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows malicious users to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.
Oniguruma Project Oniguruma 6.9.2
Fedoraproject Fedora 29
Fedoraproject Fedora 30
9.8
CVSSv3
CVE-2019-13224
A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows malicious users to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a ...
Oniguruma Project Oniguruma 6.9.2
Php Php
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »