Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 7.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-7651
In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server simply by filling the RAM memory with a lot of connections with large payload. This can be done without authentications if occur in connection phase of MQTT protocol.
Eclipse Mosquitto
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
2 Github repositories
7.5
CVSSv3
CVE-2017-12869
The multiauth module in SimpleSAMLphp 1.14.13 and previous versions allows remote malicious users to bypass authentication context restrictions and use an authentication source defined in config/authsources.php via vectors related to improper validation of user input.
Simplesamlphp Simplesamlphp
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2017-12873
SimpleSAMLphp 1.7.0 up to and including 1.14.10 might allow malicious users to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID generation when an Identity Provider (IdP) is misconfigured.
Simplesamlphp Simplesamlphp
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
6.1
CVSSv3
CVE-2017-18121
The consentAdmin module in SimpleSAMLphp up to and including 1.14.15 is vulnerable to a Cross-Site Scripting attack, allowing an malicious user to craft links that could execute arbitrary JavaScript code on the victim's web browser.
Simplesamlphp Simplesamlphp
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
8.1
CVSSv3
CVE-2017-18122
A signature-validation bypass issue exists in SimpleSAMLphp up to and including 1.14.16. A SimpleSAMLphp Service Provider using SAML 1.1 will regard as valid any unsigned SAML response containing more than one signed assertion, provided that the signature of at least one of the a...
Simplesamlphp Simplesamlphp
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2018-7602
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows malicious users to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal co...
Drupal Drupal
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
2 EDB exploits
8 Github repositories
8.8
CVSSv3
CVE-2017-1000450
In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and previous versions.
Opencv Opencv
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2018-10981
An issue exists in Xen up to and including 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Xen Xen
6.1
CVSSv3
CVE-2017-6927
Drupal 8.4.x versions prior to 8.4.5 and Drupal 7.x versions prior to 7.57 has a Drupal.checkPlain() JavaScript function which is used to escape potentially dangerous text before outputting it to HTML (as JavaScript output does not typically go through Twig autoescaping). This fu...
Drupal Drupal
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
6.1
CVSSv3
CVE-2017-6929
A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit. For Drupal 8, this vulnerability was already fixed in Drupal 8.4....
Drupal Drupal
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »