Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apr vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-0207
The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a does not properly isolate the state information of independent data streams, which allows remote malicious users to cause a denial of service (application crash) via crafted DTLS traffic, as demonstrated by DT...
Openssl Openssl 1.0.2
4.3
CVSSv2
CVE-2015-0208
The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 prior to 1.0.2a allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to...
Openssl Openssl 1.0.2
6.8
CVSSv2
CVE-2015-0209
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a might allow remote malicious users to cause a denial of service (memory corruption and applica...
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
4.3
CVSSv2
CVE-2015-0285
The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 prior to 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms by sniffing the network and then...
Openssl Openssl 1.0.2
3.6
CVSSv2
CVE-2021-35940
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to t...
Apache Portable Runtime 1.7.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
5
CVSSv2
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected ...
Openssl Openssl 1.0.1j
NA
CVE-2022-25147
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an malicious user to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.
Apache Portable Runtime Utility
5
CVSSv2
CVE-2003-0245
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 up to and including 2.0.45 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML ...
Apache Http Server 2.0.42
Apache Http Server 2.0.37
Apache Http Server 2.0.44
Apache Http Server 2.0.39
Apache Http Server 2.0.41
Apache Http Server 2.0.38
Apache Http Server 2.0.45
Apache Http Server 2.0.40
Apache Http Server 2.0.43
1 EDB exploit
5
CVSSv2
CVE-2012-0840
tables/apr_hash.c in the Apache Portable Runtime (APR) library up to and including 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via ...
Apache Portable Runtime 1.3.6-dev
Apache Portable Runtime 1.3.7
Apache Portable Runtime 0.9.7-dev
Apache Portable Runtime 1.3.3
Apache Portable Runtime 0.9.6
Apache Portable Runtime 0.9.16-dev
Apache Portable Runtime 0.9.8
Apache Portable Runtime 1.3.1
Apache Portable Runtime 1.3.2
Apache Portable Runtime 1.3.9
Apache Portable Runtime 1.3.4
Apache Portable Runtime 1.3.10
Apache Portable Runtime 0.9.4
Apache Portable Runtime 1.4.3
Apache Portable Runtime 1.4.4
Apache Portable Runtime 1.4.1
Apache Portable Runtime 0.9.3
Apache Portable Runtime 0.9.1
Apache Portable Runtime
Apache Portable Runtime 0.9.5
Apache Portable Runtime 1.3.8
Apache Portable Runtime 1.4.0
1 EDB exploit
7.5
CVSSv2
CVE-2020-16226
Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an malicious user to remotely execute arbitrary commands.
Mitsubishielectric Qj71mes96 Firmware
Mitsubishielectric Qj71ws96 Firmware
Mitsubishielectric Q06ccpu-v Firmware
Mitsubishielectric Q24dhccpu-v Firmware
Mitsubishielectric Q24dhccpu-vg Firmware
Mitsubishielectric R12ccpu-v Firmware
Mitsubishielectric Rd55up06-v Firmware
Mitsubishielectric Rd55up12-v Firmware
Mitsubishielectric Rj71gn11-t2 Firmware
Mitsubishielectric Rj71en71 Firmware
Mitsubishielectric Qj71e71-100 Firmware
Mitsubishielectric Lj71e71-100 Firmware
Mitsubishielectric Qj71mt91 Firmware
Mitsubishielectric Rd78gn\\(n\\=4\\,8\\,16\\,32\\,64\\) Firmware
Mitsubishielectric Rd78ghv Firmware
Mitsubishielectric Rd78ghw Firmware
Mitsubishielectric Nz2gacp620-60 Firmware
Mitsubishielectric Nz2gacp620-300 Firmware
Mitsubishielectric Nz2ft-mt Firmware
Mitsubishielectric Nz2ft-eip Firmware
Mitsubishielectric Q03udecpu Firmware
Mitsubishielectric Qnudehcpu\\(n\\=04\\/06\\/10\\/13\\/20\\/26\\/50\\/100\\) Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »