Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

juraj somorovsky vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2011-0730
Eucalyptus prior to 2.0.3 and Eucalyptus EE prior to 2.0.2, as used in Ubuntu Enterprise Cloud (UEC) and other products, do not properly interpret signed elements in SOAP requests, which allows man-in-the-middle malicious users to execute arbitrary commands by modifying a request...
Eucalyptus EucalyptusCanonical Ubuntu Linux 10.04Canonical Ubuntu Linux 10.10Canonical Ubuntu Linux 11.04
NA
CVE-2011-1411
Shibboleth OpenSAML library 2.4.x prior to 2.4.3 and 2.5.x prior to 2.5.1, and IdP prior to 2.3.2, allows remote malicious users to forge messages and bypass authentication via an "XML Signature wrapping attack."
Shibboleth Opensaml 2.4.0Shibboleth Opensaml 2.4.1Shibboleth Opensaml 2.4.2Shibboleth Opensaml 2.5.0Shibboleth Shibboleth-identity-provider 2.2.0Shibboleth Shibboleth-identity-provider 2.1.5Shibboleth Shibboleth-identity-provider 2.1.4Shibboleth Shibboleth-identity-provider 2.1.3Shibboleth Shibboleth-identity-provider 2.3.0Shibboleth Shibboleth-identity-provider 2.2.1Shibboleth Shibboleth-identity-provider 2.1.0Shibboleth Shibboleth-identity-provider 2.0.0Shibboleth Shibboleth-identity-providerShibboleth Shibboleth-identity-provider 2.1.2Shibboleth Shibboleth-identity-provider 2.1.1
NA
CVE-2012-0841
libxml2 prior to 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via crafted XML data.
Xmlsoft Libxml2 2.2.0Xmlsoft Libxml2 2.2.2Xmlsoft Libxml2 2.4.30Xmlsoft Libxml2 2.6.16Xmlsoft Libxml2 1.8.0Xmlsoft Libxml2 1.8.16Xmlsoft Libxml2 2.6.32Xmlsoft Libxml2 2.1.0Xmlsoft Libxml2 2.6.29Xmlsoft Libxml2 2.4.19Xmlsoft Libxml2 2.4.7Xmlsoft Libxml2 2.4.17Xmlsoft Libxml2 2.2.9Xmlsoft Libxml2 2.3.6Xmlsoft Libxml2 2.6.26Xmlsoft Libxml2 2.6.11Xmlsoft Libxml2 1.7.1Xmlsoft Libxml2 2.7.2Xmlsoft Libxml2 2.4.21Xmlsoft Libxml2 2.4.20Xmlsoft Libxml2 2.3.7Xmlsoft Libxml2 2.6.17
5.9
CVSSv3
CVE-2017-13098
BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a ...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
5.9
CVSSv3
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 by...
Openssl OpensslCanonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10Canonical Ubuntu Linux 16.04Debian Debian Linux 8.0Debian Debian Linux 9.0Netapp Hyper Converged Infrastructure -Netapp Cloud Backup -Netapp Santricity Smi-s Provider -Netapp Element Software -Netapp Snapdrive -Netapp Snapcenter -Netapp Storage Automation Store -Netapp Ontap Select Deploy -Netapp Steelstore Cloud Integrated Storage -Netapp Oncommand Unified Manager -Netapp Oncommand Workflow Automation -Netapp Storagegrid -Netapp StoragegridNetapp Oncommand Insight -Netapp Ontap Select Deploy Administration Utility -Netapp Service Processor -
8.1
CVSSv3
CVE-2019-11521
OX App Suite 7.10.1 allows Content Spoofing.
Open-xchange Open-xchange Appsuite 7.10.1
6.1
CVSSv3
CVE-2018-9997
Cross-site scripting (XSS) vulnerability in mail compose in Open-Xchange OX App Suite prior to 7.6.3-rev31, 7.8.x prior to 7.8.2-rev31, 7.8.3 prior to 7.8.3-rev41, and 7.8.4 prior to 7.8.4-rev28 allows remote malicious users to inject arbitrary web script or HTML via the data-tar...
Open-xchange Open-xchange AppsuiteOpen-xchange Open-xchange Appsuite 7.6.3Open-xchange Open-xchange Appsuite 7.8.0Open-xchange Open-xchange Appsuite 7.8.2Open-xchange Open-xchange Appsuite 7.8.3Open-xchange Open-xchange Appsuite 7.8.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook