Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 20 vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2015-0557
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote malicious users to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.
Arj Software Arj Archiver
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
7.5
CVSSv2
CVE-2015-2782
Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.
Debian Debian Linux 7.0
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Arj Software Arj Archiver 3.10.22
4.9
CVSSv2
CVE-2015-2756
QEMU, as used in Xen 3.3.x up to and including 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI...
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Xen Xen 4.3.2
Xen Xen 4.3.0
Xen Xen 4.4.1
Xen Xen 4.3.1
Xen Xen 4.5.0
Xen Xen 4.4.0
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
7.1
CVSSv2
CVE-2015-2751
Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations.
Xen Xen 4.3.2
Xen Xen 4.3.0
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 4.3.1
Xen Xen 4.5.0
Fedoraproject Fedora 20
Fedoraproject Fedora 21
4.9
CVSSv2
CVE-2015-2752
The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x up to and including 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm)...
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Xen Xen 4.3.2
Xen Xen 4.3.0
Xen Xen 4.4.1
Xen Xen 4.3.1
Xen Xen 4.5.0
Xen Xen 4.4.0
2.1
CVSSv2
CVE-2015-2157
The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 up to and including 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.
Fedoraproject Fedora 22
Debian Debian Linux 7.0
Fedoraproject Fedora 20
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Putty Putty 0.51
Simon Tatham Putty 0.53
Putty Putty 0.55
Putty Putty 0.53b
Putty Putty 0.52
Putty Putty 0.54
Putty Putty 0.56
Putty Putty 0.57
Putty Putty 0.58
Putty Putty 0.59
Putty Putty 0.60
Putty Putty 0.61
Putty Putty 0.62
Putty Putty 0.63
5
CVSSv2
CVE-2015-0295
The BMP decoder in QtGui in QT prior to 5.5 does not properly calculate the masks used to extract the color components, which allows remote malicious users to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Opensuse Opensuse 13.1
Digia Qt
1.9
CVSSv2
CVE-2015-2152
Xen 4.5.x and previous versions enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, wh...
Xen Xen
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
7.5
CVSSv2
CVE-2015-0778
osc prior to 0.151.0 allows remote malicious users to execute arbitrary commands via shell metacharacters in a _service file.
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Suse Opensuse Osc
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
2.1
CVSSv2
CVE-2015-2045
The HYPERVISOR_xen_version hypercall in Xen 3.2.x up to and including 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.
Xen Xen 3.2.0
Xen Xen 4.1.5
Xen Xen 3.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 3.2.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.4.0
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 3.4.3
Xen Xen 4.4.1
Xen Xen 4.1.3
Xen Xen 3.2.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »