Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server core vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-26423
.NET Core and Visual Studio Denial of Service Vulnerability
Microsoft Visual Studio 2017
Microsoft Visual Studio 2019
Microsoft Visual Studio 2019 8.10
Microsoft .net
Microsoft .net Core
Microsoft Powershell Core
7.5
CVSSv3
CVE-2021-22946
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be byp...
Haxx Curl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 35
Netapp Cloud Backup -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp Solidfire Baseboard Management Controller Firmware -
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
2 Github repositories
5.3
CVSSv3
CVE-2021-22897
curl 7.61.0 up to and including 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable...
Haxx Curl
Oracle Mysql Server
Oracle Essbase
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Netapp Cloud Backup -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Hci Compute Node Firmware -
Netapp H300e Firmware -
Netapp H300s Firmware -
Netapp H410s Firmware -
Netapp H500e Firmware -
Netapp H500s Firmware -
Netapp H700e Firmware -
Netapp H700s Firmware -
Siemens Sinec Infrastructure Network Services
6.4
CVSSv3
CVE-2021-37159
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel up to and including 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
Linux Linux Kernel
Debian Debian Linux 9.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
6.8
CVSSv3
CVE-2023-24023
Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 up to and including 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injecti...
Bluetooth Bluetooth Core Specification
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows Server 2022 23h2
Microsoft Windows 10 21h2
Microsoft Windows 10 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2022
1 Github repository
1 Article
7.5
CVSSv3
CVE-2018-11759
The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed ...
Apache Tomcat Jk Connector
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Jboss Core Services -
8 Github repositories
NA
CVE-2007-3847
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
Apache Http Server
Fedoraproject Fedora 7
Fedoraproject Fedora Core 6
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
9.8
CVSSv3
CVE-2021-3773
A flaw in netfilter could allow a network-connected malicious user to infer openvpn connection endpoint information for further use in traditional network attacks.
Linux Linux Kernel
Fedoraproject Fedora 34
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
NA
CVE-2004-1011
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 up to and including 2.2.8, with the imapmagicplus option enabled, allows remote malicious users to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
Carnegie Mellon University Cyrus Imap Server 2.1.7
Carnegie Mellon University Cyrus Imap Server 2.1.9
Carnegie Mellon University Cyrus Imap Server 2.2.6
Carnegie Mellon University Cyrus Imap Server 2.2.7
Carnegie Mellon University Cyrus Imap Server 2.2.8
Carnegie Mellon University Cyrus Imap Server 2.1.10
Carnegie Mellon University Cyrus Imap Server 2.1.16
Carnegie Mellon University Cyrus Imap Server 2.2.4
Carnegie Mellon University Cyrus Imap Server 2.2.5
Carnegie Mellon University Cyrus Imap Server 2.2.2 Beta
Carnegie Mellon University Cyrus Imap Server 2.2.3
Conectiva Linux 9.0
Carnegie Mellon University Cyrus Imap Server 2.2.0 Alpha
Carnegie Mellon University Cyrus Imap Server 2.2.1 Beta
Openpkg Openpkg Current
Conectiva Linux 10.0
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Redhat Fedora Core Core 2.0
Redhat Fedora Core Core 3.0
Ubuntu Ubuntu Linux 4.1
Trustix Secure Linux 2.2
NA
CVE-2004-1012
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and previous versions allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index in...
Carnegie Mellon University Cyrus Imap Server 2.1.7
Carnegie Mellon University Cyrus Imap Server 2.1.9
Carnegie Mellon University Cyrus Imap Server 2.2.7
Carnegie Mellon University Cyrus Imap Server 2.2.8
Carnegie Mellon University Cyrus Imap Server 2.1.10
Carnegie Mellon University Cyrus Imap Server 2.1.16
Carnegie Mellon University Cyrus Imap Server 2.2.4
Carnegie Mellon University Cyrus Imap Server 2.2.5
Carnegie Mellon University Cyrus Imap Server 2.2.6
Carnegie Mellon University Cyrus Imap Server 2.2.2 Beta
Carnegie Mellon University Cyrus Imap Server 2.2.3
Conectiva Linux 9.0
Carnegie Mellon University Cyrus Imap Server 2.2.0 Alpha
Carnegie Mellon University Cyrus Imap Server 2.2.1 Beta
Openpkg Openpkg Current
Conectiva Linux 10.0
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Redhat Fedora Core Core 2.0
Redhat Fedora Core Core 3.0
Ubuntu Ubuntu Linux 4.1
Trustix Secure Linux 2.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »