Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
core security vulnerabilities and exploits
(subscribe to this query)
5.7
CVSSv3
CVE-2022-2393
A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but...
Pki-core Project Pki-core
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Certificate System 9.0
Redhat Certificate System 10.0
Redhat Enterprise Linux 9.0
7.5
CVSSv3
CVE-2020-28469
This affects the package glob-parent prior to 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.
Gulpjs Glob-parent
Oracle Communications Cloud Native Core Policy 1.14.0
2 Github repositories
5.4
CVSSv3
CVE-2020-10135
Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and previous versions may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could...
Bluetooth Bluetooth Core
Opensuse Leap 15.1
4 Github repositories
4.3
CVSSv3
CVE-2022-20612
A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and previous versions, LTS 2.319.1 and previous versions allows malicious users to trigger build of job without parameters when no security realm is set.
Jenkins Jenkins
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
7.8
CVSSv3
CVE-2021-4197
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both f...
Linux Linux Kernel
Debian Debian Linux 10.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Binding Support Function 22.1.1
Oracle Communications Cloud Native Core Binding Support Function 22.2.0
Broadcom Brocade Fabric Operating System Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
8.8
CVSSv3
CVE-2020-0605
A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Ex...
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.1
Microsoft .net Core 1.0
Microsoft .net Core 3.0
Microsoft .net Core 3.1
2 Articles
9.8
CVSSv3
CVE-2021-43527
NSS (Network Security Services) versions before 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. A...
Mozilla Nss Esr
Mozilla Nss
Netapp Cloud Backup -
Netapp E-series Santricity Os Controller
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Oracle Communications Policy Management 12.6.0.0.0
Starwindsoftware Starwind Virtual San V8r13
Starwindsoftware Starwind San \\& Nas V8r13
9.8
CVSSv3
CVE-2021-29921
In Python prior to 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows malicious users to bypass access control that is based on IP addresses.
Python Python
Oracle Zfs Storage Appliance Kit 8.8
Oracle Graalvm 20.3.2
Oracle Graalvm 21.1.0
Oracle Communications Cloud Native Core Automated Test Suite 1.8.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
1 Github repository
6.7
CVSSv3
CVE-2021-42739
The firewire subsystem in the Linux kernel up to and including 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
Linux Linux Kernel
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Starwindsoftware Starwind San \\& Nas V8r12
Starwindsoftware Starwind Virtual San V8r13
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
1 Github repository
6
CVSSv3
CVE-2017-5703
Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local malicious user to alter the behavior of the SPI flash potentially leading to a Denial of Service.
Intel Core I7-8706g -
Intel Core I7-8705g -
Intel Core I7-8559u -
Intel Core I7-8550u -
Intel Core I7-8850h -
Intel Core I7-8809g -
Intel Core I7-8709g -
Intel Core I7-8700 -
Intel Core I7-8650u -
Intel Core I7-8750h -
Intel Core I7-8700t -
Intel Core I7-8700k -
Intel Core I7-8700b -
Intel Core I7-7660u -
Intel Core I7-7700t -
Intel Core I7-7567u -
Intel Core I7-7600u -
Intel Core I7-7820hq -
Intel Core I7-7920hq -
Intel Core I7-7y75 -
Intel Core I7-7700k -
Intel Core I7-7700 -
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »