Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 21 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2015-7295
hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote malicious users to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macv...
Qemu Qemu
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Debian Debian Linux 8.0
Debian Debian Linux 7.0
445
VMScore
CVE-2015-6855
hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive,...
Qemu Qemu
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Arista Eos -
445
VMScore
CVE-2015-1840
jquery_ujs.js in jquery-rails prior to 3.1.3 and 4.x prior to 4.0.4 and rails.js in jquery-ujs prior to 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote malicious users to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web...
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Rubyonrails Jquery-rails 4.0.0
Rubyonrails Jquery-rails
Rubyonrails Jquery-rails 4.0.1
Rubyonrails Jquery-ujs
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
445
VMScore
CVE-2015-3451
The _clone function in XML::LibXML prior to 2.0119 does not properly set the expand_entities option, which allows remote malicious users to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
Xml-libxml Project Xml-libxml
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
445
VMScore
CVE-2015-0844
The WML/Lua API in Battle for Wesnoth 1.7.x up to and including 1.11.x and 1.12.x prior to 1.12.2 allows remote malicious users to read arbitrary files via a crafted (1) campaign or (2) map file.
Wesnoth Battle For Wesnoth 1.11.1
Wesnoth Battle For Wesnoth 1.11.3
Wesnoth Battle For Wesnoth 1.7.5
Wesnoth Battle For Wesnoth 1.7.11-1.8
Wesnoth Battle For Wesnoth 1.11.12
Wesnoth Battle For Wesnoth 1.7.14-1.8
Wesnoth Battle For Wesnoth 1.9.3
Wesnoth Battle For Wesnoth 1.9.12
Wesnoth Battle For Wesnoth 1.12.0
Wesnoth Battle For Wesnoth 1.11.11
Wesnoth Battle For Wesnoth 1.11.13
Wesnoth Battle For Wesnoth 1.8.0
Wesnoth Battle For Wesnoth 1.9.0
Wesnoth Battle For Wesnoth 1.11.17
Wesnoth Battle For Wesnoth 1.11.5
Wesnoth Battle For Wesnoth 1.9.13
Wesnoth Battle For Wesnoth 1.9.7
Wesnoth Battle For Wesnoth 1.9.9
Wesnoth Battle For Wesnoth 1.11.6
Wesnoth Battle For Wesnoth 1.11.18
Wesnoth Battle For Wesnoth 1.7.4
Wesnoth Battle For Wesnoth 1.9.5
445
VMScore
CVE-2015-1827
The get_user_grouplist function in the extdom plug-in in FreeIPA prior to 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote malicious users to cause a denial of service (crash) via a group list request for a user that belongs to a large ...
Freeipa Freeipa
Fedoraproject Fedora 22
Fedoraproject Fedora 21
445
VMScore
CVE-2015-0295
The BMP decoder in QtGui in QT prior to 5.5 does not properly calculate the masks used to extract the color components, which allows remote malicious users to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Opensuse Opensuse 13.1
Digia Qt
445
VMScore
CVE-2015-2206
libraries/select_lang.lib.php in phpMyAdmin 4.0.x prior to 4.0.10.9, 4.2.x prior to 4.2.13.2, and 4.3.x prior to 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier fo...
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.3.1
Phpmyadmin Phpmyadmin 4.3.2
Phpmyadmin Phpmyadmin 4.2.1
Phpmyadmin Phpmyadmin 4.3.5
Phpmyadmin Phpmyadmin 4.3.11
Phpmyadmin Phpmyadmin 4.3.4
Phpmyadmin Phpmyadmin 4.0.5
Phpmyadmin Phpmyadmin 4.0.3
Phpmyadmin Phpmyadmin 4.2.10.1
Phpmyadmin Phpmyadmin 4.3.6
Phpmyadmin Phpmyadmin 4.2.8.1
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.3.10
Phpmyadmin Phpmyadmin 4.0.10
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.2.2
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.3.8
445
VMScore
CVE-2015-1165
RT (aka Request Tracker) 3.8.8 up to and including 4.x prior to 4.0.23 and 4.2.x prior to 4.2.10 allows remote malicious users to obtain sensitive RSS feed URLs and ticket data via unspecified vectors.
Fedoraproject Fedora 22
Debian Debian Linux 7.0
Fedoraproject Fedora 21
Bestpractical Request Tracker 4.2.3
Bestpractical Request Tracker 4.2.6
Bestpractical Request Tracker 4.0.18
Bestpractical Request Tracker 3.8.15
Bestpractical Request Tracker 4.0.0
Bestpractical Request Tracker 4.0.6
Bestpractical Request Tracker 4.0.7
Bestpractical Request Tracker 4.0.17
Bestpractical Request Tracker 4.0.21
Bestpractical Request Tracker 4.0.22
Bestpractical Request Tracker 3.8.16
Bestpractical Request Tracker 4.0.5
Bestpractical Request Tracker 4.2.2
Bestpractical Request Tracker 4.0.15
Bestpractical Request Tracker 4.2.7
Bestpractical Request Tracker 4.2.0
Bestpractical Request Tracker 4.0.1
Bestpractical Request Tracker 4.0.2
Bestpractical Request Tracker 4.0.10
445
VMScore
CVE-2015-0886
Integer overflow in the crypt_raw method in the key-stretching implementation in jBCrypt prior to 0.4 makes it easier for remote malicious users to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maximum exponent.
Mindrot Jbcrypt
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »