Vulmon
leap vulnerabilities and exploits
9.8
CVSSv3
CVE-2019-9021
An issue exists in PHP prior to 5.6.40, 7.x prior to 7.1.26, 7.2.x prior to 7.2.14, and 7.3.x prior to 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow a malicious user to read allocated or unallocated memory past the actual data whe...
Php Php
Debian Debian Linux 9.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Netapp Storage Automation Store -
Opensuse Leap 42.3
9.8
CVSSv3
CVE-2019-9023
An issue exists in PHP prior to 5.6.40, 7.x prior to 7.1.26, 7.2.x prior to 7.2.14, and 7.3.x prior to 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstr...
Php Php
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Netapp Storage Automation Store -
Opensuse Leap 42.3
9.8
CVSSv3
CVE-2019-7164
SQLAlchemy up to and including 1.2.17 and 1.3.x up to and including 1.3.0b2 allows SQL Injection via the order_by parameter.
Sqlalchemy Sqlalchemy 1.3.0
Sqlalchemy Sqlalchemy
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
1 Github repository
9.8
CVSSv3
CVE-2019-8341
An issue exists in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE...
Pocoo Jinja2 2.10
Opensuse Leap 42.3
Opensuse Leap 15.0
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2018-8794
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.
Rdesktop Rdesktop
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2018-8800
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution.
Rdesktop Rdesktop
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2018-8793
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution.
Rdesktop Rdesktop
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2018-8795
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution.
Rdesktop Rdesktop
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2018-8797
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution.
Rdesktop Rdesktop
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2019-6438
SchedMD Slurm prior to 17.11.13 and 18.x prior to 18.08.5 mishandles 32-bit systems.
Schedmd Slurm
Opensuse Leap 15.0