Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 14 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-39928
A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a malicious webpage to trigger t...
Webkitgtk Webkitgtk 2.40.5
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
NA
CVE-2023-41074
The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.
Apple Macos
Apple Watchos
Apple Iphone Os
Apple Ipados
Apple Tvos
Apple Safari
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
NA
CVE-2023-35074
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.
Apple Macos
Apple Watchos
Apple Iphone Os
Apple Ipados
Apple Tvos
Apple Safari
Fedoraproject Fedora 37
NA
CVE-2023-41993
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Apple Macos
Apple Ipados
Apple Iphone Os
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Oracle Graalvm 21.3.9
Oracle Graalvm 20.3.13
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
7 Github repositories
2 Articles
NA
CVE-2022-4904
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
C-ares Project C-ares
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 36
NA
CVE-2022-4379
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an malicious user to conduct a remote denial
Linux Linux Kernel
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-3517
A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.
Minimatch Project Minimatch
Debian Debian Linux 10.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-32212
A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing ...
Nodejs Node.js
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Siemens Sinec Ins 1.0
Siemens Sinec Ins
NA
CVE-2022-32213
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).
Llhttp Llhttp
Nodejs Node.js
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Siemens Sinec Ins 1.0
Debian Debian Linux 11.0
Stormshield Stormshield Management Center
NA
CVE-2022-32215
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
Nodejs Node.js
Llhttp Llhttp
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Siemens Sinec Ins 1.0
Debian Debian Linux 11.0
Stormshield Stormshield Management Center
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10