Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
backports vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-5058
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
Libsdl Sdl2 Image 2.0.4
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
6.8
CVSSv2
CVE-2019-5059
An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overfl...
Libsdl Sdl2 Image 2.0.4
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
6.8
CVSSv2
CVE-2019-5060
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resu...
Libsdl Sdl2 Image 2.0.4
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
4.3
CVSSv2
CVE-2019-5460
Double Free in VLC versions <= 3.0.6 leads to a crash.
Videolan Vlc Media Player
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle-15
5
CVSSv2
CVE-2020-8228
A missing rate limit in the Preferred Providers app 1.7.0 allowed an malicious user to set the password an uncontrolled amount of times.
Nextcloud Preferred Providers 1.7.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Opensuse Leap 15.2
4.3
CVSSv2
CVE-2019-10740
In Roundcube Webmail prior to 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can...
Roundcube Webmail
Fedoraproject Fedora 29
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
4
CVSSv2
CVE-2019-10163
A Vulnerability has been found in PowerDNS Authoritative Server prior to 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers co...
Powerdns Authoritative 4.1.0
Powerdns Authoritative
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle-15
5
CVSSv2
CVE-2020-9272
ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
Proftpd Proftpd
Siemens Simatic Net Cp 1543-1 Firmware
Siemens Simatic Net Cp 1545-1 Firmware
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
4.3
CVSSv2
CVE-2020-15999
Heap buffer overflow in Freetype in Google Chrome before 86.0.4240.111 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Freetype Freetype
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Opensuse Backports Sle 15.0
7 Github repositories
3 Articles
6.8
CVSSv2
CVE-2020-6450
Use after free in WebAudio in Google Chrome before 80.0.3987.162 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »