Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rpm rpm 2.5.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-9512
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consum...
Apple Swiftnio
Apache Traffic Server
Debian Debian Linux 10.0
Nodejs Node.js
2 Github repositories
1 Article
7.5
CVSSv3
CVE-2019-9514
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer...
Apple Swiftnio
Apache Traffic Server
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Software Collections 1.0
Redhat Openshift Container Platform 3.9
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 3.10
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
1 Article
NA
CVE-2014-8118
Integer overflow in RPM 4.12 and previous versions allows remote malicious users to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 4.8.0
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.9.0
Rpm Rpm 4.0.1
Rpm Rpm 4.9.1.2
Rpm Rpm 2.2.11
NA
CVE-2013-6435
Race condition in RPM 4.11.1 and previous versions allows remote malicious users to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d d...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 4.8.0
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.9.0
Rpm Rpm 4.0.1
Rpm Rpm 4.9.1.2
Rpm Rpm 2.2.11
NA
CVE-2012-0815
The headerVerifyInfo function in lib/header.c in RPM prior to 4.9.1.3 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric ran...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 4.8.0
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.9.0
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
NA
CVE-2012-0060
RPM prior to 4.9.1.3 does not properly validate region tags, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 4.8.0
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.9.0
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
NA
CVE-2012-0061
The headerLoad function in lib/header.c in RPM prior to 4.9.1.3 does not properly validate region tags, which allows user-assisted remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header.
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 4.8.0
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.9.0
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
NA
CVE-2010-2199
lib/fsm.c in RPM 4.8.0 and previous versions does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to bypass intended access restrictions...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 4.4.2
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 2..4.10
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
Rpm Rpm 4.0.4
NA
CVE-2005-4889
lib/fsm.c in RPM prior to 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file, a related issu...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 2..4.10
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
Rpm Rpm 4.0.4
Rpm Rpm 2.2.1
NA
CVE-2010-2197
rpmbuild in RPM 4.8.0 and previous versions does not properly parse the syntax of spec files, which allows user-assisted remote malicious users to remove home directories via vectors involving a ;~ (semicolon tilde) sequence in a Name tag.
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 4.4.2
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 2..4.10
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
Rpm Rpm 4.0.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »