Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 21 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-3420
A flaw was found in newlib in versions before 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an allocation of a small buffer and then to a heap-based buf...
Newlib Project Newlib
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Article
7.5
CVSSv2
CVE-2017-18922
It exists that websockets.c in LibVNCServer before 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.
Libvncserver Project Libvncserver
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Siemens Simatic Itc1500 Firmware
Siemens Simatic Itc1500 Pro Firmware
Siemens Simatic Itc1900 Firmware
Siemens Simatic Itc1900 Pro Firmware
Siemens Simatic Itc2200 Firmware
Siemens Simatic Itc2200 Pro Firmware
7.5
CVSSv2
CVE-2020-1938
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exp...
Apache Tomcat
Apache Geode 1.12.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Instantis Enterprisetrack
Oracle Mysql Enterprise Monitor
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
54 Github repositories
1 Article
7.5
CVSSv2
CVE-2014-8089
SQL injection vulnerability in Zend Framework prior to 1.12.9, 2.2.x prior to 2.2.8, and 2.3.x prior to 2.3.3, when using the sqlsrv PHP extension, allows remote malicious users to execute arbitrary SQL commands via a null byte.
Zend Zend Framework
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Fedoraproject Fedora 21
7.5
CVSSv2
CVE-2015-6816
ganglia-web prior to 3.7.1 allows remote malicious users to bypass authentication.
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Ganglia Ganglia-web
7.5
CVSSv2
CVE-2015-2059
The stringprep_utf8_to_ucs4 function in libin prior to 1.31, as used in jabberd2, allows context-dependent malicious users to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.
Gnu Libidn
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Fedoraproject Fedora 21
Fedoraproject Fedora 22
7.5
CVSSv2
CVE-2015-3145
The sanitize_cookie_path function in cURL and libcurl 7.31.0 up to and including 7.41.0 does not properly calculate an index, which allows remote malicious users to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie pa...
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Canonical Ubuntu Linux 12.04
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Haxx Curl 7.37.1
Haxx Curl 7.38.0
Haxx Curl 7.33.0
Haxx Curl 7.34.0
Haxx Curl 7.35.0
Haxx Curl 7.41.0
Haxx Curl 7.36.0
Haxx Curl 7.37.0
Haxx Curl 7.31.0
Haxx Curl 7.32.0
Haxx Curl 7.39.0
Haxx Curl 7.40.0
Apple Mac Os X 10.10.2
Apple Mac Os X 10.10.3
Apple Mac Os X 10.10.0
1 Github repository
7.5
CVSSv2
CVE-2015-2782
Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.
Debian Debian Linux 7.0
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Fedoraproject Fedora 22
Arj Software Arj Archiver 3.10.22
7.5
CVSSv2
CVE-2015-0778
osc prior to 0.151.0 allows remote malicious users to execute arbitrary commands via shell metacharacters in a _service file.
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Suse Opensuse Osc
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
7.5
CVSSv2
CVE-2014-9665
The Load_SBit_Png function in sfnt/pngshim.c in FreeType prior to 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote malicious users to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other i...
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.10
Freetype Freetype
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »