Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 7 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2014-1398
The entity wrapper access API in the Entity API module 7.x-1.x prior to 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on comment, user and node statistics properties via unspecified vectors.
Entity Api Project Entity Api 7.x-1.1
Entity Api Project Entity Api 7.x-1.0
Entity Api Project Entity Api 7.x-1.2
Fedoraproject Fedora 20
Fedoraproject Fedora 19
4
CVSSv2
CVE-2014-1400
The entity_access API in the Entity API module 7.x-1.x prior to 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions and read unpublished comments via unspecified vectors.
Entity Api Project Entity Api 7.x-1.1
Entity Api Project Entity Api 7.x-1.0
Entity Api Project Entity Api 7.x-1.2
Fedoraproject Fedora 20
Fedoraproject Fedora 19
4
CVSSv2
CVE-2014-1399
The entity wrapper access API in the Entity API module 7.x-1.x prior to 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on referenced entities via unspecified vectors.
Entity Api Project Entity Api 7.x-1.1
Entity Api Project Entity Api 7.x-1.0
Entity Api Project Entity Api 7.x-1.2
Fedoraproject Fedora 20
Fedoraproject Fedora 19
7.2
CVSSv2
CVE-2007-1321
Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness erro...
Qemu Qemu 0.8.2
Fedoraproject Fedora 7
Fedoraproject Fedora Core 6
Debian Debian Linux 3.1
Debian Debian Linux 4.0
5.8
CVSSv2
CVE-2015-1051
Open redirect vulnerability in the Context UI module in the Context module 7.x-3.x prior to 7.x-3.6 for Drupal allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
Context Project Context 7.x-3.1
Context Project Context 7.x-3.5
Context Project Context 7.x-3.4
Context Project Context 7.x-3.2
Context Project Context 7.x-3.0
Context Project Context 7.x-3.3
Fedoraproject Fedora 20
Fedoraproject Fedora 21
7.2
CVSSv2
CVE-2007-6601
The DBLink module in PostgreSQL 8.2 prior to 8.2.6, 8.1 prior to 8.1.11, 8.0 prior to 8.0.15, 7.4 prior to 7.4.19, and 7.3 prior to 7.3.21, when local trust or ident authentication is used, allows remote malicious users to gain privileges via unspecified vectors. NOTE: this issue...
Postgresql Postgresql 8.2
Postgresql Postgresql
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Fedoraproject Fedora 8
Fedoraproject Fedora 7
2.1
CVSSv2
CVE-2008-1567
phpMyAdmin prior to 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
Phpmyadmin Phpmyadmin
Debian Debian Linux 4.0
Fedoraproject Fedora 8
Fedoraproject Fedora 7
Opensuse Opensuse 10.2
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
3.5
CVSSv2
CVE-2016-3144
Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x prior to 7.x-2.2 for Drupal allows remote authenticated users with the "Administer block classes" permission to inject arbitrary web script or HTML via a class name.
Fourkitchens Block Class 7.x-2.0
Fourkitchens Block Class 7.x-2.1
Fedoraproject Fedora 24
4.3
CVSSv2
CVE-2008-0005
mod_proxy_ftp in Apache 2.2.x prior to 2.2.7-dev, 2.0.x prior to 2.0.62-dev, and 1.3.x prior to 1.3.40-dev does not define a charset, which allows remote malicious users to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
Apache Http Server
Fedoraproject Fedora 8
Fedoraproject Fedora 7
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
5
CVSSv2
CVE-2007-3847
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
Apache Http Server
Fedoraproject Fedora 7
Fedoraproject Fedora Core 6
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »