Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 2.2 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2022-23097
An issue exists in the DNS proxy in Connman up to and including 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.
Intel Connman
Debian Debian Linux 9.0
Debian Debian Linux 11.0
6.4
CVSSv2
CVE-2022-23096
An issue exists in the DNS proxy in Connman up to and including 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read.
Intel Connman
Debian Debian Linux 9.0
Debian Debian Linux 11.0
5
CVSSv2
CVE-2022-23098
An issue exists in the DNS proxy in Connman up to and including 1.40. The TCP server reply implementation has an infinite loop if no data is received.
Intel Connman
Debian Debian Linux 9.0
Debian Debian Linux 11.0
7.5
CVSSv2
CVE-2021-44420
In Django 2.2 prior to 2.2.25, 3.1 prior to 3.1.14, and 3.2 prior to 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.
Djangoproject Django
Redhat Satellite 6.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
Fedoraproject Fedora 35
5
CVSSv2
CVE-2021-40346
An integer overflow exists in HAProxy 2.0 up to and including 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an malicious user to bypass all configured http-request HAProxy ACLs and possibly other ACLs.
Haproxy Haproxy
Haproxy Haproxy 2.5
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7 Github repositories
4.3
CVSSv2
CVE-2021-40491
The ftp client in GNU Inetutils prior to 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.
Gnu Inetutils
Debian Debian Linux 10.0
5
CVSSv2
CVE-2021-39240
An issue exists in HAProxy 2.2 prior to 2.2.16, 2.3 prior to 2.3.13, and 2.4 prior to 2.4.3. It does not ensure that the scheme and path portions of a URI have the expected characters. For example, the authority field (as observed on a target HTTP/2 server) might differ from what...
Haproxy Haproxy
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5
CVSSv2
CVE-2021-39241
An issue exists in HAProxy 2.0 prior to 2.0.24, 2.2 prior to 2.2.16, 2.3 prior to 2.3.13, and 2.4 prior to 2.4.3. An HTTP method name may contain a space followed by the name of a protected resource. It is possible that a server would interpret this as a request for that protecte...
Haproxy Haproxy
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5
CVSSv2
CVE-2021-39242
An issue exists in HAProxy 2.2 prior to 2.2.16, 2.3 prior to 2.3.13, and 2.4 prior to 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host and authority is mishandled.
Haproxy Haproxy
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
6
CVSSv2
CVE-2021-32761
Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis `*BIT*` command are vulnerable to ...
Redislabs Redis
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »