Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 24 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2016-6515
The auth_password function in auth-passwd.c in sshd in OpenSSH prior to 7.3 does not limit password lengths for password authentication, which allows remote malicious users to cause a denial of service (crypt CPU consumption) via a long string.
Openbsd Openssh
Fedoraproject Fedora 24
1 EDB exploit
3 Github repositories
7.8
CVSSv2
CVE-2016-4021
The read_binary function in buffer.c in pgpdump prior to 0.30 allows context-dependent malicious users to cause a denial of service (infinite loop and CPU consumption) via crafted input, as demonstrated by the \xa3\x03 string.
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Pgpdump Project Pgpdump
7.5
CVSSv2
CVE-2021-30475
aom_dsp/noise_model.c in libaom in AOMedia prior to 2021-03-24 has a buffer overflow.
Aomedia Aomedia
Fedoraproject Fedora 34
7.5
CVSSv2
CVE-2015-8980
The plural form formula in ngettext family of calls in php-gettext prior to 1.0.12 allows remote malicious users to execute arbitrary code.
Php-gettext Project Php-gettext
Opensuse Leap 42.2
Opensuse Leap 42.1
Redhat Enterprise Linux 5.0
Fedoraproject Fedora 24
7.5
CVSSv2
CVE-2016-2173
org.springframework.core.serializer.DefaultDeserializer in Spring AMQP prior to 1.5.5 allows remote malicious users to execute arbitrary code.
Fedoraproject Fedora 24
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Vmware Spring Advanced Message Queuing Protocol
1 Github repository
7.5
CVSSv2
CVE-2016-6233
The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework prior to 1.12.19 might allow remote malicious users to conduct SQL injection attacks via vectors related to use of the character pattern [\w]* in a regular expression.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Zend Zend Framework
7.5
CVSSv2
CVE-2016-4861
The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework prior to 1.12.20 might allow remote malicious users to conduct SQL injection attacks by leveraging failure to remove comments from an SQL statement before validation.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Zend Zend Framework
7.5
CVSSv2
CVE-2013-7459
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote malicious users to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.
Dlitz Pycrypto
Fedoraproject Fedora 25
Fedoraproject Fedora 24
7.5
CVSSv2
CVE-2016-2090
Off-by-one vulnerability in the fgetwln function in libbsd prior to 0.8.2 allows malicious users to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Freedesktop Libbsd
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
7.5
CVSSv2
CVE-2016-8606
The REPL server (--listen) in GNU Guile 2.0.12 allows an malicious user to execute arbitrary code via an HTTP inter-protocol attack.
Gnu Guile 2.0.12
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »