Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 1.3.1 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2022-1785
Out-of-bounds Write in GitHub repository vim/vim before 8.2.4977.
Vim Vim
Debian Debian Linux 10.0
10
CVSSv2
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the ...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
7 Github repositories
1 Article
4.3
CVSSv2
CVE-2022-26505
A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) prior to 1.3.1 allows a remote web server to exfiltrate media files.
Readymedia Project Readymedia
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2020-1968
The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop o...
Openssl Openssl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 9.0
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Ethernet Switch Es2-64 Firmware 2.0.0.14
Oracle Ethernet Switch Es2-72 Firmware 2.0.0.14
Fujitsu M10-1 Firmware
Fujitsu M10-4 Firmware
Fujitsu M10-4s Firmware
Fujitsu M12-1 Firmware
Fujitsu M12-2 Firmware
Fujitsu M12-2s Firmware
Oracle Ethernet Switch Es1-24 Firmware 1.3.1
Oracle Ethernet Switch Tor-72 Firmware 1.2.2
7.5
CVSSv2
CVE-2014-4172
A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client prior to 3.3.2, .NET CAS Client prior to 1.0.2, and phpCAS prior to 1.3.3 that allow remote malicious users to inject arbitrary web script or ...
Apereo .net Cas Client
Apereo Java Cas Client
Apereo Phpcas
Debian Debian Linux 7.0
Fedoraproject Fedora 20
5
CVSSv2
CVE-2019-16792
Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. ...
Agendaless Waitress
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2019-16785
Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR.&quo...
Agendaless Waitress
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Debian Debian Linux 9.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Openstack 15
5
CVSSv2
CVE-2019-16786
Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separ...
Agendaless Waitress
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Debian Debian Linux 9.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Openstack 15
6.8
CVSSv2
CVE-2011-1588
Thunar prior to 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.
Xfce Thunar 1.2.0
Xfce Thunar 1.2.1
Opensuse Opensuse 11.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2016-10746
libvirt-domain.c in libvirt prior to 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886.
Redhat Libvirt
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »