Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian linux vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-16221
WordPress prior to 5.2.3 allows reflected XSS in the dashboard.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2019-16222
WordPress prior to 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2017-15923
Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x prior to 1.7.3 allow remote malicious users to cause a denial of service (crash) via vectors related to parsing of IRC color formatting codes.
Konversation Konversation
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2014-2983
Drupal 6.x prior to 6.31 and 7.x prior to 7.27 does not properly isolate the cached data of different anonymous users, which allows remote anonymous users to obtain sensitive interim form input information in opportunistic situations via unspecified vectors.
Drupal Drupal
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
4.3
CVSSv2
CVE-2018-1000069
FreePlane version 1.5.9 and previous versions contains a XML External Entity (XXE) vulnerability in XML Parser in mindmap loader that can result in stealing data from victim's machine. This attack appears to require the victim to open a specially crafted mind map file. This ...
Freeplane Freeplane
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2018-6521
The sqlauth module in SimpleSAMLphp prior to 1.15.2 relies on the MySQL utf8 charset, which truncates queries upon encountering four-byte characters. There might be a scenario in which this allows remote malicious users to bypass intended access restrictions.
Simplesamlphp Simplesamlphp
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2018-6799
The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick prior to 1.3.28 allows remote malicious users to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.
Graphicsmagick Graphicsmagick
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2021-38291
FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.
Ffmpeg Ffmpeg
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5
CVSSv2
CVE-2017-12869
The multiauth module in SimpleSAMLphp 1.14.13 and previous versions allows remote malicious users to bypass authentication context restrictions and use an authentication source defined in config/authsources.php via vectors related to improper validation of user input.
Simplesamlphp Simplesamlphp
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2017-12873
SimpleSAMLphp 1.7.0 up to and including 1.14.10 might allow malicious users to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID generation when an Identity Provider (IdP) is misconfigured.
Simplesamlphp Simplesamlphp
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »