Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 2.2 vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv2
CVE-2013-6435
Race condition in RPM 4.11.1 and previous versions allows remote malicious users to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d d...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 4.8.0
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 1.4.2\\/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.9.0
Rpm Rpm 4.0.1
Rpm Rpm 4.9.1.2
Rpm Rpm 2.2.11
7.6
CVSSv2
CVE-2006-3747
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions prior to 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote malicious users to cause a denial of service (application crash) and possib...
Apache Http Server
Canonical Ubuntu Linux 5.04
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 3.1
4 EDB exploits
2 Github repositories
7.6
CVSSv2
CVE-2006-1244
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPa...
Libextractor Libextractor 0.3.8
Libextractor Libextractor 0.3.9
Xpdf Xpdf 0.92
Xpdf Xpdf 0.93
Xpdf Xpdf 1.0
Xpdf Xpdf 3.0
Xpdf Xpdf 3.0.1
Libextractor Libextractor 0.3.6
Libextractor Libextractor 0.3.7
Xpdf Xpdf 0.90
Xpdf Xpdf 0.91
Xpdf Xpdf 2.2
Xpdf Xpdf 2.3
Libextractor Libextractor 0.4
Libextractor Libextractor 0.4.1
Xpdf Xpdf 1.0a
Xpdf Xpdf 1.1
Xpdf Xpdf 3.0.1 Pl1
Xpdf Xpdf 3.0 Pl2
Gnome Gpdf 2.8.2
Libextractor Libextractor 0.3.11
Libextractor Libextractor 0.4.2
7.5
CVSSv2
CVE-2022-28346
An issue exists in Django 2.2 prior to 2.2.28, 3.2 prior to 3.2.13, and 4.0 prior to 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
Djangoproject Django
Debian Debian Linux 9.0
Debian Debian Linux 11.0
7 Github repositories
7.5
CVSSv2
CVE-2022-28347
A SQL injection issue exists in QuerySet.explain() in Django 2.2 prior to 2.2.28, 3.2 prior to 3.2.13, and 4.0 prior to 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name.
Djangoproject Django
Debian Debian Linux 11.0
2 Github repositories
7.5
CVSSv2
CVE-2021-44420
In Django 2.2 prior to 2.2.25, 3.1 prior to 3.1.14, and 3.2 prior to 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.
Djangoproject Django
Redhat Satellite 6.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
Fedoraproject Fedora 35
7.5
CVSSv2
CVE-2020-11800
Zabbix Server 2.2.x and 3.0.x prior to 3.0.31, and 3.2 allows remote malicious users to execute arbitrary code.
Zabbix Zabbix
Zabbix Zabbix 3.2.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2019-14234
An issue exists in Django 1.11.x prior to 1.11.23, 2.1.x prior to 2.1.11, and 2.2.x prior to 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, w...
Djangoproject Django
Fedoraproject Fedora 30
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
7.5
CVSSv2
CVE-2017-7375
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surfa...
Xmlsoft Libxml2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Google Android 5.1.1
Google Android 6.0.1
Google Android 5.0.2
Google Android 7.1.1
Google Android 7.1.2
Google Android 4.4.4
Google Android 6.0
Google Android 7.0
Xmlsoft Libxml2 2.9.4
7.5
CVSSv2
CVE-2015-4488
Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox prior to 40.0, Firefox ESR 38.x prior to 38.2, and Firefox OS prior to 2.2 allows remote malicious users to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.
Oracle Solaris 11.3
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Os 2.1.0
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0
Mozilla Firefox
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »