Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zero x vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5907
The png_check_keyword function in pngwutil.c in libpng prior to 1.0.42, and 1.2.x prior to 1.2.34, might allow context-dependent malicious users to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to ...
Libpng Libpng
Debian Debian Linux 4.0
Debian Debian Linux 5.0
NA
CVE-2011-0532
The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x) place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan hor...
Fedoraproject 389 Directory Server 1.2.6.1
Fedoraproject 389 Directory Server 1.2.6
Fedoraproject 389 Directory Server 1.2.5
Fedoraproject 389 Directory Server 1.2.2
Fedoraproject 389 Directory Server 1.2.8
Fedoraproject 389 Directory Server 1.2.7
Fedoraproject 389 Directory Server 1.2.7.5
Fedoraproject 389 Directory Server 1.2.1
Fedoraproject 389 Directory Server 1.2.3
Redhat Directory Server 8.2.3
Redhat Directory Server 8.2
NA
CVE-2009-4028
The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x prior to 5.0.88 and 5.1.x prior to 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle malicious users to spoof arbitrary SSL-based MySQL ser...
Oracle Mysql 5.0.23
Oracle Mysql 5.0.25
Mysql Mysql 5.0.24
Oracle Mysql 5.0.0
Oracle Mysql 5.0.13
Mysql Mysql 5.0.30
Oracle Mysql 5.0.42
Oracle Mysql 5.0.32
Oracle Mysql 5.0.51
Oracle Mysql 5.0.37
Oracle Mysql 5.0.26
Oracle Mysql 5.0.33
Mysql Mysql 5.0.66
Oracle Mysql 5.0.7
Mysql Mysql 5.1.23
Oracle Mysql 5.1.13
Oracle Mysql 5.1.14
Oracle Mysql 5.1.30
Oracle Mysql 5.1
Mysql Mysql 5.1.5
Oracle Mysql 5.1.18
Oracle Mysql 5.1.24
NA
CVE-2012-6055
epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x prior to 1.8.4 allows remote malicious users to cause a denial of service (infinite loop) via a zero value in a sub-type length field.
Wireshark Wireshark 1.8.0
Wireshark Wireshark 1.8.1
Wireshark Wireshark 1.8.2
Wireshark Wireshark 1.8.3
6.5
CVSSv3
CVE-2017-17046
An issue exists in Xen up to and including 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled.
Xen Xen
NA
CVE-2011-0609
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and previous versions on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and previous versions on Android; Adobe AIR 2.5.1 and previous versions; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9...
Adobe Flash Player 10.1.92.10
Adobe Flash Player 10.0.15.3
Adobe Flash Player 9.0.112.0
Adobe Flash Player 9.0.246.0
Adobe Flash Player 9.0.45.0
Adobe Flash Player 9.0.114.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player 9.0.124.0
Adobe Flash Player 8.0.22.0
Adobe Flash Player 10.1.95.1
Adobe Flash Player 10.0.12.10
Adobe Flash Player 10.0.0.584
Adobe Flash Player 9.0.16
Adobe Flash Player 9.0.125.0
Adobe Flash Player 9.0.28.0
Adobe Flash Player 10.0.22.87
Adobe Flash Player 9.0
Adobe Flash Player 9.0.155.0
Adobe Flash Player 7.0.25
Adobe Flash Player 7.0.63
Adobe Flash Player 9.0.20
Adobe Flash Player 7.0.24.0
1 EDB exploit
6 Articles
NA
CVE-2003-0001
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote malicious users to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
Linux Linux Kernel 2.4.1
Freebsd Freebsd 4.6
Freebsd Freebsd 4.7
Linux Linux Kernel 2.4.15
Linux Linux Kernel 2.4.16
Linux Linux Kernel 2.4.4
Linux Linux Kernel 2.4.5
Linux Linux Kernel 2.4.6
Microsoft Windows 2000
Microsoft Windows 2000 Terminal Services
Netbsd Netbsd 1.6
Freebsd Freebsd 4.2
Freebsd Freebsd 4.3
Linux Linux Kernel 2.4.11
Linux Linux Kernel 2.4.12
Linux Linux Kernel 2.4.19
Linux Linux Kernel 2.4.2
Linux Linux Kernel 2.4.9
Netbsd Netbsd 1.5
Netbsd Netbsd 1.5.1
Linux Linux Kernel 2.4.10
Linux Linux Kernel 2.4.17
3 EDB exploits
2 Github repositories
5.5
CVSSv3
CVE-2016-3878
decoder/ih264d_api.c in mediaserver in Android 6.x prior to 2016-09-01 mishandles the case of decoding zero MBs, which allows remote malicious users to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 29493002.
Google Android 6.0
Google Android 6.0.1
NA
CVE-2012-4286
The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x prior to 1.8.2 allows user-assisted remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file.
Sun Sunos 5.11
Wireshark Wireshark 1.8.1
Wireshark Wireshark 1.8.0
8.3
CVSSv3
CVE-2019-9900
When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not reject embedded zero characters (NUL, ASCII 0x0). This allows remote attackers crafting header values containing embedded NUL characters to potentially bypass header matching rules, gaining access to unauthorize...
Envoyproxy Envoy
Redhat Openshift Service Mesh -
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »