Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 1.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4533
Cross-site scripting (XSS) vulnerability in the "extra" details in the DiffSource._get_row function in lib/viewvc.py in ViewVC 1.0.x prior to 1.0.13 and 1.1.x prior to 1.1.16 allows remote authenticated users with repository commit access to inject arbitrary web script ...
Viewvc Viewvc
Debian Debian Linux 7.0
Debian Debian Linux 6.0
9.8
CVSSv3
CVE-2018-6521
The sqlauth module in SimpleSAMLphp prior to 1.15.2 relies on the MySQL utf8 charset, which truncates queries upon encountering four-byte characters. There might be a scenario in which this allows remote malicious users to bypass intended access restrictions.
Simplesamlphp Simplesamlphp
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2017-12869
The multiauth module in SimpleSAMLphp 1.14.13 and previous versions allows remote malicious users to bypass authentication context restrictions and use an authentication source defined in config/authsources.php via vectors related to improper validation of user input.
Simplesamlphp Simplesamlphp
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2017-12873
SimpleSAMLphp 1.7.0 up to and including 1.14.10 might allow malicious users to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID generation when an Identity Provider (IdP) is misconfigured.
Simplesamlphp Simplesamlphp
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
6.1
CVSSv3
CVE-2017-18121
The consentAdmin module in SimpleSAMLphp up to and including 1.14.15 is vulnerable to a Cross-Site Scripting attack, allowing an malicious user to craft links that could execute arbitrary JavaScript code on the victim's web browser.
Simplesamlphp Simplesamlphp
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
4.3
CVSSv3
CVE-2014-6276
schema.py in Roundup prior to 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details.
Roundup-tracker Roundup
Debian Debian Linux 8.0
Debian Debian Linux 7.0
NA
CVE-2012-1988
Puppet 2.6.x prior to 2.6.15 and 2.7.x prior to 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x prior to 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by crea...
Puppet Puppet
Puppet Puppet Enterprise 1.0
Puppet Puppet Enterprise 1.1
Puppet Puppet Enterprise
Fedoraproject Fedora 17
Fedoraproject Fedora 16
Fedoraproject Fedora 15
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 10.04
9.8
CVSSv3
CVE-2017-5946
The Zip::File component in the rubyzip gem prior to 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem.
Rubyzip Project Rubyzip
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2023-41358
An issue exists in FRRouting FRR up to and including 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.
Frrouting Frrouting
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7.5
CVSSv3
CVE-2023-31490
An issue found in Frrouting bgpd v.8.4.2 allows a remote malicious user to cause a denial of service via the bgp_attr_psid_sub() function.
Frrouting Frrouting 8.4.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »