Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wide project wide - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-19279
Directory Traversal vulnerability found in B3log Wide allows a an malicious user to escalate privileges via symbolic links.
Wide Project Wide -
NA
CVE-2021-4217
A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an malicious user to input a specially crafted zip file, leading to a crash or code execution.
Unzip Project Unzip 6.0
Fedoraproject Fedora 35
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
4.3
CVSSv2
CVE-2022-0529
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an malicious user to input a specially crafted zip file, leading to a crash or code execution.
Unzip Project Unzip 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
4.3
CVSSv2
CVE-2022-0530
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an malicious user to input a specially crafted zip file, leading to a crash or code execution.
Unzip Project Unzip 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Apple Mac Os X
Apple Mac Os X 10.15.7
Apple Macos
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
7.5
CVSSv2
CVE-2021-39275
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and previous versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Server 14.0
Siemens Sinec Nms
5
CVSSv2
CVE-2021-36160
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Broadcom Brocade Fabric Operating System Firmware -
5
CVSSv2
CVE-2021-34798
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and previous versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Tenable Tenable.sc
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Broadcom Brocade Fabric Operating System Firmware -
Siemens Sinema Server 14.0
6.8
CVSSv2
CVE-2021-40438
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and previous versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
F5 F5os
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Secure Global Desktop 5.6
Siemens Sinema Server 14.0
Siemens Sinec Nms
14 Github repositories
5
CVSSv2
CVE-2021-33193
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Tenable Tenable.sc
Oracle Zfs Storage Appliance Kit 8.8
Oracle Secure Backup
1 Github repository
5
CVSSv2
CVE-2020-7664
In all versions of the package github.com/unknwon/cae/zip, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..". This allows an malicious user to add or replace files system-wide.
Compression And Archive Extensions Project Compression And Archive Extensions Zip Project
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »