Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 34 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-41816
CGI.escape_html in Ruby prior to 2.7.5 and 3.x prior to 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes. This also affects the CGI gem prior to 0.3.1 for Ruby.
Ruby-lang Cgi
Fedoraproject Fedora 34
Fedoraproject Fedora 35
9.8
CVSSv3
CVE-2022-23614
Twig is an open source template language for PHP. When in a sandbox mode, the `arrow` parameter of the `sort` filter must be a closure to avoid attackers being able to run arbitrary PHP functions. In affected versions this constraint was not properly enforced and could lead to co...
Symfony Twig
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
2 Github repositories
9.8
CVSSv3
CVE-2021-44790
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Ser...
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Tenable Tenable.sc
Netapp Cloud Backup -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Operations Monitor 4.3
Oracle Communications Operations Monitor 4.4
Oracle Communications Operations Monitor 5.0
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Apple Macos
Apple Mac Os X 10.15.7
3 Github repositories
9.8
CVSSv3
CVE-2021-44847
A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 up to and including 0.1.11 and 0.2.0 up to and including 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote malicious users to crash the...
Toktok Toxcore
Fedoraproject Fedora 34
Fedoraproject Fedora 35
9.8
CVSSv3
CVE-2021-44143
A flaw was found in mbsync in isync 1.4.0 up to and including 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers (i.e., one that starts with an empty line) to provoke a heap overflow, which could concei...
Isync Project Isync
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
9.8
CVSSv3
CVE-2021-44026
Roundcube prior to 1.3.17 and 1.4.x prior to 1.4.12 is prone to a potential SQL injection via search or search_params.
Roundcube Webmail
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
1 Article
9.8
CVSSv3
CVE-2021-42377
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditi...
Busybox Busybox 1.33.1
Busybox Busybox 1.33.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
9.8
CVSSv3
CVE-2021-43267
An issue exists in net/tipc/crypto.c in the Linux kernel prior to 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote malicious users to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
Linux Linux Kernel
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
2 Github repositories
2 Articles
9.8
CVSSv3
CVE-2021-3756
libmysofa is vulnerable to Heap-based Buffer Overflow
Symonics Libmysofa
Fedoraproject Fedora 34
Fedoraproject Fedora 35
9.8
CVSSv3
CVE-2021-38297
Go prior to 1.16.9 and 1.17.x prior to 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.
Golang Go
Fedoraproject Fedora 34
Fedoraproject Fedora 35
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »