Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ceph vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-36054
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) prior to 1.20.2 and 1.21.x prior to 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_...
Mit Kerberos 5 1.21
Mit Kerberos 5
Debian Debian Linux 10.0
Netapp Hci -
Netapp Active Iq Unified Manager -
Netapp Management Services For Element Software -
Netapp Ontap Tools -
Netapp Clustered Data Ontap 9.0
1 Github repository
5.5
CVSSv3
CVE-2023-32611
A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.
Gnome Glib
5.5
CVSSv3
CVE-2023-32665
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.
Gnome Glib
7.5
CVSSv3
CVE-2023-29499
A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.
Gnome Glib
7.5
CVSSv3
CVE-2020-24659
An issue exists in GnuTLS prior to 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path,...
Gnu Gnutls
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 20.04
9.8
CVSSv3
CVE-2022-41912
The crewjam/saml go library prior to version 0.4.9 is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. This issue has been corrected in version 0.4.9. There are no workarounds other than upgrading to a fixed version.
Saml Project Saml
8.2
CVSSv3
CVE-2020-13379
The avatar feature in Grafana 3.0.1 up to and including 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain inf...
Grafana Grafana
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Netapp E-series Performance Analyzer -
Opensuse Leap 15.2
Opensuse Backports Sle 15.0
7 Github repositories
6.1
CVSSv3
CVE-2018-20677
In Bootstrap prior to 3.4.0, XSS is possible in the affix configuration target property.
Getbootstrap Bootstrap
1 Github repository
NA
CVE-2013-1060
A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd direct...
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 13.10
8.1
CVSSv3
CVE-2016-9587
Ansible prior to 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this ...
Redhat Ansible
Ansible Ansible
Redhat Openstack 11
1 EDB exploit
1 Github repository
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »